Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8text‹\label{PLM: 9}›
9
10(* constrain sledgehammer to the abstraction layer *)
11unbundle AOT_no_atp
12
13subsection‹Primitive Rule of PLM: Modus Ponens›
14text‹\label{PLM: 9.1}›
15
16AOT_theorem "modus-ponens":
17  assumes φ and φ  ψ
18  shows ψ
19  (* NOTE: semantics needed *)
20  using assms by (simp add: AOT_sem_imp)
21lemmas MP = "modus-ponens"
22
23subsection‹(Modally Strict) Proofs and Derivations›
24text‹\label{PLM: 9.2}›
25
26AOT_theorem "non-con-thm-thm":
27  assumes  φ
28  shows  φ
29  using assms by simp
30
31AOT_theorem "vdash-properties:1[1]":
32  assumes φ  Λ
33  shows  φ
34  (* NOTE: semantics needed *)
35  using assms unfolding AOT_model_act_axiom_def by blast
36
37text‹Convenience attribute for instantiating modally-fragile axioms.›
38attribute_setup act_axiom_inst =
39  ‹Scan.succeed (Thm.rule_attribute []
40    (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
41  "Instantiate modally fragile axiom as modally fragile theorem."
42
43AOT_theorem "vdash-properties:1[2]":
44  assumes φ  Λ
45  shows  φ
46  (* NOTE: semantics needed *)
47  using assms unfolding AOT_model_axiom_def by blast
48
49text‹Convenience attribute for instantiating modally-strict axioms.›
50attribute_setup axiom_inst =
51  ‹Scan.succeed (Thm.rule_attribute []
52    (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
53  "Instantiate axiom as theorem."
54
55text‹Convenience methods and theorem sets for applying "cqt:2".›
56method cqt_2_lambda_inst_prover =
57  (fast intro: AOT_instance_of_cqt_2_intro)
58method "cqt:2[lambda]" =
59  (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
60lemmas "cqt:2" =
61  "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst]
62  AOT_instance_of_cqt_2_intro
63method "cqt:2" = (safe intro!: "cqt:2")
64
65AOT_theorem "vdash-properties:3":
66  assumes  φ
67  shows Γ  φ
68  using assms by blast
69
70AOT_theorem "vdash-properties:5":
71  assumes Γ1  φ and Γ2  φ  ψ
72  shows Γ1, Γ2  ψ
73  using MP assms by blast
74
75AOT_theorem "vdash-properties:6":
76  assumes φ and φ  ψ
77  shows ψ
78  using MP assms by blast
79
80AOT_theorem "vdash-properties:8":
81  assumes Γ  φ and φ  ψ
82  shows Γ  ψ
83  using assms by argo
84
85AOT_theorem "vdash-properties:9":
86  assumes φ
87  shows ψ  φ
88  using MP "pl:1"[axiom_inst] assms by blast
89
90AOT_theorem "vdash-properties:10":
91  assumes φ  ψ and φ
92  shows ψ
93  using MP assms by blast
94lemmas "→E" = "vdash-properties:10"
95
96subsection‹Two Fundamental Metarules: GEN and RN›
97text‹\label{PLM: 9.3}›
98
99AOT_theorem "rule-gen":
100  assumes for arbitrary α: φ{α}
101  shows α φ{α}
102  (* NOTE: semantics needed *)
103  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall)
104lemmas GEN = "rule-gen"
105
106AOT_theorem "RN[prem]":
107  assumes Γ  φ
108  shows Γ  φ
109  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
110AOT_theorem RN:
111  assumes  φ
112  shows φ
113  using "RN[prem]" assms by blast
114
115subsection‹The Inferential Role of Definitions›
116text‹\label{PLM: 9.4}›
117
118AOT_axiom "df-rules-formulas[1]":
119  assumes φ df ψ
120  shows φ  ψ
121  (* NOTE: semantics needed *)
122  using assms
123  by (auto simp: assms AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
124AOT_axiom "df-rules-formulas[2]":
125  assumes φ df ψ
126  shows ψ  φ
127  (* NOTE: semantics needed *)
128  using assms
129  by (auto simp: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
130(* NOTE: for convenience also state the above as regular theorems *)
131AOT_theorem "df-rules-formulas[3]":
132  assumes φ df ψ
133  shows φ  ψ
134  using "df-rules-formulas[1]"[axiom_inst, OF assms].
135AOT_theorem "df-rules-formulas[4]":
136  assumes φ df ψ
137  shows ψ  φ
138  using "df-rules-formulas[2]"[axiom_inst, OF assms].
139
140
141AOT_axiom "df-rules-terms[1]":
142  assumes τ{α1...αn} =df σ{α1...αn}
143  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
144         (¬σ{τ1...τn}  ¬τ{τ1...τn})
145  (* NOTE: semantics needed *)
146  using assms
147  by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq
148                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
149AOT_axiom "df-rules-terms[2]":
150  assumes τ =df σ
151  shows (σ  τ = σ) & (¬σ  ¬τ)
152  by (metis "df-rules-terms[1]" case_unit_Unity assms)
153(* NOTE: for convenience also state the above as regular theorems *)
154AOT_theorem "df-rules-terms[3]":
155  assumes τ{α1...αn} =df σ{α1...αn}
156  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
157         (¬σ{τ1...τn}  ¬τ{τ1...τn})
158  using "df-rules-terms[1]"[axiom_inst, OF assms].
159AOT_theorem "df-rules-terms[4]":
160  assumes τ =df σ
161  shows (σ  τ = σ) & (¬σ  ¬τ)
162  using "df-rules-terms[2]"[axiom_inst, OF assms].
163
164subsection‹The Theory of Negations and Conditionals›
165text‹\label{PLM: 9.5}›
166
167AOT_theorem "if-p-then-p": φ  φ
168  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
169
170AOT_theorem "deduction-theorem":
171  assumes φ  ψ
172  shows φ  ψ
173  (* NOTE: semantics needed *)
174  using assms by (simp add: AOT_sem_imp)
175lemmas CP = "deduction-theorem"
176lemmas "→I" = "deduction-theorem"
177
178AOT_theorem "ded-thm-cor:1":
179  assumes Γ1  φ  ψ and Γ2  ψ  χ
180  shows Γ1, Γ2  φ  χ
181  using "→E" "→I" assms by blast
182AOT_theorem "ded-thm-cor:2":
183  assumes Γ1  φ  (ψ  χ) and Γ2  ψ
184  shows Γ1, Γ2  φ  χ
185  using "→E" "→I" assms by blast
186
187AOT_theorem "ded-thm-cor:3":
188  assumes φ  ψ and ψ  χ
189  shows φ  χ
190  using "→E" "→I" assms by blast
191declare "ded-thm-cor:3"[trans]
192AOT_theorem "ded-thm-cor:4":
193  assumes φ  (ψ  χ) and ψ
194  shows φ  χ
195  using "→E" "→I" assms by blast
196
197lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
198
199AOT_theorem "useful-tautologies:1": ¬¬φ  φ
200  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
201AOT_theorem "useful-tautologies:2": φ  ¬¬φ
202  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
203AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
204  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
205AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
206  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
207AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
208  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
209
210AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
211  by (metis "→I" MP "useful-tautologies:4")
212
213AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
214  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
215
216AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
217  by (metis "→I" MP "useful-tautologies:5")
218
219AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
220  by (metis "→I" MP "useful-tautologies:6")
221
222AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
223  by (metis "→I" MP "pl:3"[axiom_inst])
224
225AOT_theorem "dn-i-e:1":
226  assumes φ
227  shows ¬¬φ
228  using MP "useful-tautologies:2" assms by blast
229lemmas "¬¬I" = "dn-i-e:1"
230AOT_theorem "dn-i-e:2":
231  assumes ¬¬φ
232  shows φ
233  using MP "useful-tautologies:1" assms by blast
234lemmas "¬¬E" = "dn-i-e:2"
235
236AOT_theorem "modus-tollens:1":
237  assumes φ  ψ and ¬ψ
238  shows ¬φ
239  using MP "useful-tautologies:5" assms by blast
240AOT_theorem "modus-tollens:2":
241  assumes φ  ¬ψ and ψ
242  shows ¬φ
243  using "¬¬I" "modus-tollens:1" assms by blast
244lemmas MT = "modus-tollens:1" "modus-tollens:2"
245
246AOT_theorem "contraposition:1[1]":
247  assumes φ  ψ
248  shows ¬ψ  ¬φ
249  using "→I" MT(1) assms by blast
250AOT_theorem "contraposition:1[2]":
251  assumes ¬ψ  ¬φ
252  shows φ  ψ
253  using "→I" "¬¬E" MT(2) assms by blast
254
255AOT_theorem "contraposition:2":
256  assumes φ  ¬ψ
257  shows ψ  ¬φ
258  using "→I" MT(2) assms by blast
259
260(* TODO: this is actually a mixture of the two variants given in PLM. *)
261AOT_theorem "reductio-aa:1":
262  assumes ¬φ  ¬ψ and ¬φ  ψ
263  shows φ
264  using "→I" "¬¬E" MT(2) assms by blast
265AOT_theorem "reductio-aa:2":
266  assumes φ  ¬ψ and φ  ψ
267  shows ¬φ
268  using "reductio-aa:1" assms by blast
269lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
270
271AOT_theorem "exc-mid": φ  ¬φ
272  using "df-rules-formulas[4]" "if-p-then-p" MP
273        "conventions:2" by blast
274
275AOT_theorem "non-contradiction": ¬(φ & ¬φ)
276  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2"
277        "conventions:1" by blast
278
279AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
280  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
281AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
282  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2)
283            "¬¬E" "conventions:1")
284lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
285
286AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
287  by (meson "contraposition:1[2]" "df-rules-formulas[4]"
288            MP "→I" "conventions:2")
289AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
290  using "Hypothetical Syllogism" "df-rules-formulas[4]"
291        "pl:1"[axiom_inst] "conventions:2" by blast
292lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
293
294AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
295  by (metis "contraposition:2" "Hypothetical Syllogism" "→I"
296            "df-rules-formulas[4]" "conventions:1")
297lemmas Adjunction = "con-dis-taut:5"
298
299AOT_theorem "con-dis-taut:6": (φ & φ)  φ
300  by (metis Adjunction "→I" "df-rules-formulas[4]" MP
301            "Conjunction Simplification"(1) "conventions:3")
302lemmas "Idempotence of &" = "con-dis-taut:6"
303
304AOT_theorem "con-dis-taut:7": (φ  φ)  φ
305proof -
306  {
307    AOT_assume φ  φ
308    AOT_hence ¬φ  φ
309      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
310    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
311  }
312  moreover {
313    AOT_assume φ
314    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
315  }
316  ultimately AOT_show (φ  φ)  φ
317    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
318    by (metis Adjunction "→I")
319qed
320lemmas "Idempotence of ∨" = "con-dis-taut:7"
321
322
323AOT_theorem "con-dis-i-e:1":
324  assumes φ and ψ
325  shows φ & ψ
326  using Adjunction MP assms by blast
327lemmas "&I" = "con-dis-i-e:1"
328
329AOT_theorem "con-dis-i-e:2:a":
330  assumes φ & ψ
331  shows φ
332  using "Conjunction Simplification"(1) MP assms by blast
333AOT_theorem "con-dis-i-e:2:b":
334  assumes φ & ψ
335  shows ψ
336  using "Conjunction Simplification"(2) MP assms by blast
337lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
338
339AOT_theorem "con-dis-i-e:3:a":
340  assumes φ
341  shows φ  ψ
342  using "Disjunction Addition"(1) MP assms by blast
343AOT_theorem "con-dis-i-e:3:b":
344  assumes ψ
345  shows φ  ψ
346  using "Disjunction Addition"(2) MP assms by blast
347AOT_theorem "con-dis-i-e:3:c":
348  assumes φ  ψ and φ  χ and ψ  Θ
349  shows χ  Θ
350  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2)
351            "df-rules-formulas[3]" MT(1) RAA(1)
352            "conventions:2" assms)
353lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
354
355AOT_theorem "con-dis-i-e:4:a":
356  assumes φ  ψ and φ  χ and ψ  χ
357  shows χ
358  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
359AOT_theorem "con-dis-i-e:4:b":
360  assumes φ  ψ and ¬φ
361  shows ψ
362  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
363AOT_theorem "con-dis-i-e:4:c":
364  assumes φ  ψ and ¬ψ
365  shows φ
366  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
367lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
368
369AOT_theorem "raa-cor:1":
370  assumes ¬φ  ψ & ¬ψ
371  shows φ
372  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
373AOT_theorem "raa-cor:2":
374  assumes φ  ψ & ¬ψ
375  shows ¬φ
376  using "raa-cor:1" assms by blast
377AOT_theorem "raa-cor:3":
378  assumes φ and ¬ψ  ¬φ
379  shows ψ
380  using RAA assms by blast
381AOT_theorem "raa-cor:4":
382  assumes ¬φ and ¬ψ  φ
383  shows ψ
384  using RAA assms by blast
385AOT_theorem "raa-cor:5":
386  assumes φ and ψ  ¬φ
387  shows ¬ψ
388  using RAA assms by blast
389AOT_theorem "raa-cor:6":
390  assumes ¬φ and ψ  φ
391  shows ¬ψ
392  using RAA assms by blast
393
394(* TODO: note these need manual introduction rules *)
395AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
396  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
397     (metis "&E" "&I" "raa-cor:3" "→I" MP)
398AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
399  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
400     (metis "&E" "&I" "raa-cor:3" "→I" MP)
401AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
402  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
403     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
404
405AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
406  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
407     (meson "&I" "&E" "→I")
408lemmas "Commutativity of &" = "oth-class-taut:2:a"
409AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
410  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
411     (metis "&I" "&E" "→I")
412lemmas "Associativity of &" = "oth-class-taut:2:b"
413AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
414  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
415     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
416lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
417AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
418  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
419     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
420lemmas "Associativity of ∨" = "oth-class-taut:2:d"
421AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
422  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
423      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E"
424            "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
425lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
426AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
427  using "conventions:3"[THEN "df-rules-formulas[4]"]
428        "conventions:3"[THEN "df-rules-formulas[3]"]
429        "→I" "→E" "&E" "&I"
430  by metis
431lemmas "Associativity of ≡" = "oth-class-taut:2:f"
432
433AOT_theorem "oth-class-taut:3:a": φ  φ
434  using "&I" "vdash-properties:6" "if-p-then-p"
435        "df-rules-formulas[4]" "conventions:3" by blast
436AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
437  using "&I" "useful-tautologies:1" "useful-tautologies:2" "→E"
438        "df-rules-formulas[4]" "conventions:3" by blast
439AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
440  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
441
442AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
443  by (metis "→E" "→I")
444AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
445  using "conventions:3"[THEN "df-rules-formulas[4]"]
446        "conventions:3"[THEN "df-rules-formulas[3]"]
447        "→I" "→E" "&E" "&I" RAA by metis
448AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
449  using "conventions:3"[THEN "df-rules-formulas[4]"]
450        "conventions:3"[THEN "df-rules-formulas[3]"]
451        "→I" "→E" "&E" "&I" by metis
452AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
453  using "conventions:3"[THEN "df-rules-formulas[4]"]
454        "conventions:3"[THEN "df-rules-formulas[3]"]
455        "→I" "→E" "&E" "&I" by metis
456AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
457  using "conventions:3"[THEN "df-rules-formulas[4]"]
458        "conventions:3"[THEN "df-rules-formulas[3]"]
459        "→I" "→E" "&E" "&I" by metis
460AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
461  using "conventions:3"[THEN "df-rules-formulas[4]"]
462        "conventions:3"[THEN "df-rules-formulas[3]"]
463        "→I" "→E" "&E" "&I" by metis
464AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
465proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
466                   "&I" "→I"
467           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
468  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
469    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
470next
471  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
472    using that "∨E" "&E" "raa-cor:3" by blast
473next
474  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
475    using that "∨E" "&E" "raa-cor:3" by blast
476qed
477AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
478proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
479                    "&I" "→I")
480  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
481    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]"
482              "raa-cor:3" "conventions:3")
483next
484  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
485    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]"
486              "raa-cor:3" "conventions:3")
487qed
488AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
489  using "conventions:3"[THEN "df-rules-formulas[4]"]
490        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
491AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
492  using "conventions:3"[THEN "df-rules-formulas[4]"]
493        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
494AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
495  using "conventions:3"[THEN "df-rules-formulas[4]"]
496        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
497AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
498  using "conventions:3"[THEN "df-rules-formulas[4]"]
499        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
500
501lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
502
503AOT_theorem "oth-class-taut:6:a": (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
504  using "conventions:3"[THEN "df-rules-formulas[4]"]
505        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
506AOT_theorem "oth-class-taut:6:b": (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
507  using "conventions:3"[THEN "df-rules-formulas[4]"]
508        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
509
510AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
511  by (metis "&I" "→E" "→I")
512lemmas Exportation = "oth-class-taut:7:a"
513AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
514  by (metis "&E" "→E" "→I")
515lemmas Importation = "oth-class-taut:7:b"
516
517AOT_theorem "oth-class-taut:8:a": (φ  (ψ  χ))  (ψ  (φ  χ))
518  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I"
519  by metis
520lemmas Permutation = "oth-class-taut:8:a"
521AOT_theorem "oth-class-taut:8:b": (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
522  by (metis "&I" "→E" "→I")
523lemmas Composition = "oth-class-taut:8:b"
524AOT_theorem "oth-class-taut:8:c": (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
525  by (metis "∨E"(2) "→E" "→I" RAA(1))
526AOT_theorem "oth-class-taut:8:d":
527  ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
528  by (metis "&E" "&I" "→E" "→I")
529lemmas "Double Composition" = "oth-class-taut:8:d"
530AOT_theorem "oth-class-taut:8:e": ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
531  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
532            "conventions:3"[THEN "df-rules-formulas[3]"]
533            "→I" "→E" "&E" "&I")
534AOT_theorem "oth-class-taut:8:f": ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
535  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
536            "conventions:3"[THEN "df-rules-formulas[3]"]
537            "→I" "→E" "&E" "&I")
538AOT_theorem "oth-class-taut:8:g": (ψ  χ)  ((φ  ψ)  (φ  χ))
539  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
540            "conventions:3"[THEN "df-rules-formulas[3]"]
541            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
542AOT_theorem "oth-class-taut:8:h": (ψ  χ)  ((ψ  φ)  (χ  φ))
543  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
544            "conventions:3"[THEN "df-rules-formulas[3]"]
545            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
546AOT_theorem "oth-class-taut:8:i": (φ  (ψ & χ))  (ψ  (φ  χ))
547  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
548            "conventions:3"[THEN "df-rules-formulas[3]"]
549            "→I" "→E" "&E" "&I")
550
551AOT_theorem "intro-elim:1":
552  assumes φ  ψ and φ  χ and ψ  Θ
553  shows χ  Θ
554  by (metis assms "∨I"(1, 2) "∨E"(1) "→I" "→E" "&E"(1)
555            "conventions:3"[THEN "df-rules-formulas[3]"])
556
557AOT_theorem "intro-elim:2":
558  assumes φ  ψ and ψ  φ
559  shows φ  ψ
560  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
561lemmas "≡I" = "intro-elim:2"
562
563AOT_theorem "intro-elim:3:a":
564  assumes φ  ψ and φ
565  shows ψ
566  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
567AOT_theorem "intro-elim:3:b":
568  assumes φ  ψ and ψ
569  shows φ
570  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
571AOT_theorem "intro-elim:3:c":
572  assumes φ  ψ and ¬φ
573  shows ¬ψ
574  using "intro-elim:3:b" "raa-cor:3" assms by blast
575AOT_theorem "intro-elim:3:d":
576  assumes φ  ψ and ¬ψ
577  shows ¬φ
578  using "intro-elim:3:a" "raa-cor:3" assms by blast
579AOT_theorem "intro-elim:3:e":
580  assumes φ  ψ and ψ  χ
581  shows φ  χ
582  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
583declare "intro-elim:3:e"[trans]
584AOT_theorem "intro-elim:3:f":
585  assumes φ  ψ and φ  χ
586  shows χ  ψ
587  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
588lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c"
589              "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
590
591declare "Commutativity of ≡"[THEN "≡E"(1), sym]
592
593AOT_theorem "rule-eq-df:1":
594  assumes φ df ψ
595  shows φ  ψ
596  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
597lemmas "≡Df" = "rule-eq-df:1"
598AOT_theorem "rule-eq-df:2":
599  assumes φ df ψ and φ
600  shows ψ
601  using "≡Df" "≡E"(1) assms by blast
602lemmas "≡dfE" = "rule-eq-df:2"
603AOT_theorem "rule-eq-df:3":
604  assumes φ df ψ and ψ
605  shows φ
606  using "≡Df" "≡E"(2) assms by blast
607lemmas "≡dfI" = "rule-eq-df:3"
608
609AOT_theorem  "df-simplify:1":
610  assumes φ  (ψ & χ) and ψ
611  shows φ  χ
612  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
613(* TODO: this is a slight variation from PLM *)
614AOT_theorem  "df-simplify:2":
615  assumes φ  (ψ & χ) and χ
616  shows φ  ψ
617  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
618lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
619
620subsection‹The Theory of Quantification›
621text‹\label{PLM: 9.6}›
622
623AOT_theorem "rule-ui:1":
624  assumes α φ{α} and τ
625  shows φ{τ}
626  using "→E" "cqt:1"[axiom_inst] assms by blast
627AOT_theorem "rule-ui:2[const_var]":
628  assumes α φ{α}
629  shows φ{β}
630  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
631(* TODO: precise proviso in PLM *)
632AOT_theorem "rule-ui:2[lambda]":
633  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
634  shows φ{ν1...νn ψ{ν1...νn}]}
635  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
636AOT_theorem "rule-ui:3":
637  assumes α φ{α}
638  shows φ{α}
639  by (simp add: "rule-ui:2[const_var]" assms)
640lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]"
641              "rule-ui:2[lambda]" "rule-ui:3"
642
643AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β}
644  by (simp add: "∀E"(2) "→I")
645AOT_theorem "cqt-orig:1[lambda]":
646  assumes INSTANCE_OF_CQT_2(ψ)
647  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
648  by (simp add: "∀E"(3) "→I" assms)
649AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
650  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
651AOT_theorem "cqt-orig:3": α φ{α}  φ{α} using "cqt-orig:1[const_var]" .
652
653(* TODO: work out difference to GEN *)
654AOT_theorem universal:
655  assumes for arbitrary β: φ{β}
656  shows α φ{α}
657  using GEN assms .
658lemmas "∀I" = universal
659
660(* Generalized mechanism for "∀I" followed by ∀E *)
661ML662fun get_instantiated_allI ctxt varname thm = let
663val trm = Thm.concl_of thm
664val trm =
665  case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
666  | _ => raise Term.TERM ("Expected simple theorem.", [trm])
667fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
668    (* TODO: care about the index? *)
669    (if fst (fst v) = fst varname then [Var v] else [])
670  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
671  | extractVars (Abs (_, _, t)) = extractVars t
672  | extractVars _ = []
673val vars = extractVars trm
674val vars = fold Term.add_vars vars []
675val var = hd vars
676val trmty =
677  case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
678  | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
679val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
680      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
681       $ Var var, trm))
682val trm = Thm.cterm_of (Context.proof_of ctxt) trm
683val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
684val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
685val allthm = Drule.instantiate_normalize ([(ty, typ)],[]) @{thm "∀I"}
686val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
687val allthm = Drule.instantiate_normalize ([],[(phi,trm)]) allthm
688in
689allthm
690end
691
692
693attribute_setup "∀I" =
694  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
695  (fn ctxt => fn thm => fold (fn arg => fn thm =>
696    thm RS get_instantiated_allI ctxt arg thm) args thm))
697  "Quantify over a variable in a theorem using GEN."
698
699attribute_setup "unvarify" =
700  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
701  (fn ctxt => fn thm =>
702    let
703      fun get_inst_allI arg thm = thm RS get_instantiated_allI ctxt arg thm
704      val thm = fold get_inst_allI args thm
705      val thm = fold (K (fn thm => thm RS @{thm "∀E"(1)})) args thm
706    in
707     thm
708    end))
709  "Generalize a statement about variables to a statement about denoting terms."
710
711(* TODO: rereplace-lem does not apply to the embedding *)
712
713AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
714  by (metis "≡I" "∀E"(2) "∀I" "→I")
715
716AOT_theorem "cqt-basic:2":
717  α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
718proof (rule "≡I"; rule "→I")
719  AOT_assume α(φ{α}  ψ{α})
720  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
721  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
722    using "≡E"(1,2) "→I" by blast+
723  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
724    by (auto intro: "&I" "∀I")
725next
726  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
727  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
728    using "∀E"(2) "&E" by blast+
729  AOT_hence φ{α}  ψ{α} for α
730    using "≡I" by blast
731  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
732qed
733
734AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
735proof(rule "→I")
736  AOT_assume α(φ{α}  ψ{α})
737  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
738  {
739    AOT_assume α φ{α}
740    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
741  }
742  moreover {
743    AOT_assume α ψ{α}
744    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
745  }
746  ultimately AOT_show α φ{α}  α ψ{α}
747    using "≡I" "→I" by auto
748qed
749
750AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
751proof(rule "→I")
752  AOT_assume 0: α(φ{α} & ψ{α})
753  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
754  AOT_thus α φ{α} & α ψ{α}
755    by (auto intro: "∀I" "&I")
756qed
757
758AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
759  using "cqt-orig:3" by blast
760
761AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
762  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
763
764AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
765  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
766
767AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
768  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
769
770AOT_theorem "cqt-basic:9":
771  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
772proof -
773  {
774    AOT_assume α (φ{α}  ψ{α})
775    moreover AOT_assume α (ψ{α}  χ{α})
776    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α
777      using "∀E" by blast+
778    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
779    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
780  }
781  thus ?thesis using "&I" "→I" "&E" by meson
782qed
783
784AOT_theorem "cqt-basic:10":
785  (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
786proof(rule "→I"; rule "∀I")
787  fix β
788  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
789  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
790  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
791qed
792
793AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
794proof (rule "≡I"; rule "→I")
795  AOT_assume 0: α(φ{α}  ψ{α})
796  {
797    fix α
798    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
799    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
800  }
801  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
802next
803  AOT_assume 0: α(ψ{α}  φ{α})
804  {
805    fix α
806    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
807    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
808  }
809  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
810qed
811
812AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
813  by (simp add: "∀E"(2) "→I" GEN)
814
815AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
816  using "≡I" "→I" by blast
817
818AOT_theorem "cqt-basic:14":
819  (α1...∀αn (φ{α1...αn}  ψ{α1...αn})) 
820   ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
821  using "cqt:3"[axiom_inst] by auto
822
823AOT_theorem "cqt-basic:15":
824  (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
825  using "cqt-orig:2" by auto
826
827(* TODO: indistinguishable from GEN in the embedding *)
828AOT_theorem "universal-cor":
829  assumes for arbitrary β: φ{β}
830  shows α φ{α}
831  using GEN assms .
832
833AOT_theorem "existential:1":
834  assumes φ{τ} and τ
835  shows α φ{α}
836proof(rule "raa-cor:1")
837  AOT_assume ¬α φ{α}
838  AOT_hence α ¬φ{α}
839    using "≡dfI" "conventions:4" RAA "&I" by blast
840  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
841  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
842qed
843
844AOT_theorem "existential:2[const_var]":
845  assumes φ{β}
846  shows α φ{α}
847  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
848
849AOT_theorem "existential:2[lambda]":
850  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
851  shows α φ{α}
852  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
853lemmas "∃I" = "existential:1" "existential:2[const_var]"
854              "existential:2[lambda]" 
855
856AOT_theorem "instantiation":
857  assumes for arbitrary β: φ{β}  ψ and α φ{α}
858  shows ψ
859  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
860lemmas "∃E" = "instantiation"
861
862AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
863  using "∀E"(4) "∃I"(2) "→I" by metis
864
865AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
866  using "∀I" "∃I"(2) "→I" RAA by metis
867
868AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
869  using "∀E"(4) "∃E" "→I" RAA
870  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
871
872AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
873  using "∀I" "∃I"(2)"→I" RAA by metis
874
875AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
876  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
877
878AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
879  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
880
881(* NOTE: vacuous in the embedding *)
882AOT_theorem "cqt-further:7": α φ{α}  β φ{β}
883  by (simp add: "oth-class-taut:3:a")
884
885AOT_theorem "cqt-further:8": (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
886  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
887
888AOT_theorem "cqt-further:9": (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
889  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
890
891AOT_theorem "cqt-further:10": (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
892proof(rule "→I"; rule "raa-cor:2")
893  AOT_assume 0: α φ{α} & ¬α ψ{α}
894  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
895  moreover AOT_assume α (φ{α}  ψ{α})
896  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
897  AOT_hence α ψ{α} using "∃I" by blast
898  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
899qed
900
901AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
902  using "≡I" "→I" "∃I"(2) "∃E" by metis
903
904subsection‹Logical Existence, Identity, and Truth›
905text‹\label{PLM: 9.7}›
906
907AOT_theorem "log-prop-prop:1":  φ]
908  using "cqt:2[lambda0]"[axiom_inst] by auto
909
910AOT_theorem "log-prop-prop:2": φ
911  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
912
913AOT_theorem "exist-nec": τ  τ
914proof -
915  AOT_have β β
916    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
917  AOT_thus τ  τ
918    using "cqt:1"[axiom_inst] "→E" by blast
919qed
920
921(* TODO: replace this mechanism by a "proof by types" command *)
922class AOT_Term_id = AOT_Term +
923  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
924      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
925
926instance κ :: AOT_Term_id
927proof
928  AOT_modally_strict {
929    AOT_show κ = κ'  κ for κ κ'
930    proof(rule "→I")
931      AOT_assume κ = κ'
932      AOT_hence O!κ  A!κ
933        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
934           (meson "→I" "∨I"(1) "&E"(1))+
935      AOT_thus κ
936        by (rule "∨E"(1))
937           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
938    qed
939  }
940next
941  AOT_modally_strict {
942    AOT_show κ = κ'  κ' for κ κ'
943    proof(rule "→I")
944      AOT_assume κ = κ'
945      AOT_hence O!κ'  A!κ'
946        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
947           (meson "→I" "∨I" "&E")+
948      AOT_thus κ'
949        by (rule "∨E"(1))
950           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
951    qed
952  }
953qed
954
955instance rel :: (AOT_κs) AOT_Term_id
956proof
957  AOT_modally_strict {
958    AOT_show Π = Π'  Π for Π Π' :: <'a>
959    proof(rule "→I")
960      AOT_assume Π = Π'
961      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
962    qed
963  }
964next
965  AOT_modally_strict {
966    AOT_show Π = Π'  Π' for Π Π' :: <'a>
967    proof(rule "→I")
968      AOT_assume Π = Π'
969      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
970    qed
971  }
972qed
973
974instance 𝗈 :: AOT_Term_id
975proof
976  AOT_modally_strict {
977    fix φ ψ
978    AOT_show φ = ψ  φ
979    proof(rule "→I")
980      AOT_assume φ = ψ
981      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
982    qed
983  }
984next
985  AOT_modally_strict {
986    fix φ ψ
987    AOT_show φ = ψ  ψ
988    proof(rule "→I")
989      AOT_assume φ = ψ
990      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
991    qed
992  }
993qed
994
995instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
996proof
997  AOT_modally_strict {
998    fix τ τ' :: 'a×'b
999    AOT_show τ = τ'  τ
1000    proof (induct τ; induct τ'; rule "→I")
1001      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1002      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1003      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1004      AOT_hence τ1 and τ2
1005        using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
1006      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
1007    qed
1008  }
1009next
1010  AOT_modally_strict {
1011    fix τ τ' :: 'a×'b
1012    AOT_show τ = τ'  τ'
1013    proof (induct τ; induct τ'; rule "→I")
1014      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1015      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1016      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1017      AOT_hence τ1' and τ2'
1018        using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
1019      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
1020    qed
1021  }
1022qed
1023
1024(* This is the end of the "proof by types" and
1025   makes the results available on new theorems *)
1026AOT_register_type_constraints
1027  Term: _::AOT_Term_id› _::AOT_Term_id›
1028AOT_register_type_constraints
1029  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
1030AOT_register_type_constraints
1031  Relation: <_::{AOT_κs, AOT_Term_id}>
1032
1033AOT_theorem "id-rel-nec-equiv:1":
1034  Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1035proof(rule "→I")
1036  AOT_assume assumption: Π = Π'
1037  AOT_hence Π and Π'
1038    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1039  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn)) 
1040                                     x1...∀xn ([F]x1...xn  [G]x1...xn)))
1041    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1042  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1043                                   x1...∀xn ([Π]x1...xn  [Π']x1...xn))
1044    using "∀E"(1) by blast
1045  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1046             x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1047    using assumption "→E" by blast
1048  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
1049    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1050  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1051    using "→E" by blast
1052qed
1053
1054AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
1055proof(rule "→I")
1056  AOT_assume assumption: φ = ψ
1057  AOT_hence φ and ψ
1058    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1059  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
1060    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1061  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
1062    using "∀E"(1) by blast
1063  AOT_hence (φ  φ)  (φ  ψ)
1064    using assumption "→E" by blast
1065  moreover AOT_have (φ  φ)
1066    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1067  ultimately AOT_show (φ  ψ)
1068    using "→E" by blast
1069qed
1070
1071AOT_theorem "rule=E":
1072  assumes φ{τ} and τ = σ
1073  shows φ{σ}
1074proof -
1075  AOT_have τ and σ
1076    using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
1077  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
1078    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
1079  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
1080    using "∀E"(1) by blast
1081  AOT_thus φ{σ} using assms "→E" by blast
1082qed
1083
1084AOT_theorem "propositions-lemma:1":  φ] = φ
1085proof -
1086  AOT_have φ by (simp add: "log-prop-prop:2")
1087  moreover AOT_have p  p] = p
1088    using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
1089  ultimately AOT_show  φ] = φ
1090    using "∀E" by blast
1091qed
1092
1093AOT_theorem "propositions-lemma:2":  φ]  φ
1094proof -
1095  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
1096  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
1097qed
1098
1099(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
1100
1101AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
1102  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
1103
1104(* dr-alphabetic-rules does not apply *)
1105
1106AOT_theorem "oa-exist:1": O!
1107proof -
1108  AOT_have x [E!]x] by "cqt:2[lambda]"
1109  AOT_hence 1: O! = x [E!]x]
1110    using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
1111  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1112qed
1113
1114AOT_theorem "oa-exist:2": A!
1115proof -
1116  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
1117  AOT_hence 1: A! = x ¬[E!]x]
1118    using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
1119  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1120qed
1121
1122AOT_theorem "oa-exist:3": O!x  A!x
1123proof(rule "raa-cor:1")
1124  AOT_assume ¬(O!x  A!x)
1125  AOT_hence A: ¬O!x and B: ¬A!x
1126    using "Disjunction Addition"(1) "modus-tollens:1"
1127          "∨I"(2) "raa-cor:5" by blast+
1128  AOT_have C: O! = x [E!]x]
1129    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2"
1130  AOT_have D: A! = x ¬[E!]x]
1131    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2"
1132  AOT_have E: ¬x [E!]x]x
1133    using A C "rule=E" by fast
1134  AOT_have F: ¬x ¬[E!]x]x
1135    using B D "rule=E" by fast
1136  AOT_have G: x [E!]x]x  [E!]x
1137    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1138  AOT_have H: x ¬[E!]x]x  ¬[E!]x
1139    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1140  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
1141qed
1142
1143AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
1144proof -
1145  AOT_have F = G  F & G & x(x[F]  x[G])
1146    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]"
1147          "→E" "&E" "≡I" "→I" by blast
1148  moreover AOT_have F and G
1149    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1150  ultimately AOT_show F = G  x(x[F]  x[G])
1151    using "≡S"(1) "&I" by blast
1152qed
1153
1154AOT_theorem "p-identity-thm2:2[2]":
1155  F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1156proof -
1157  AOT_have F = G  F & G &
1158              y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1159    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1160          "→E" "&E" "≡I" "→I" by blast
1161  moreover AOT_have F and G
1162    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1163  ultimately show ?thesis
1164    using "≡S"(1) "&I" by blast
1165qed
1166    
1167AOT_theorem "p-identity-thm2:2[3]":
1168  F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] &
1169                  x [F]y1xy2] = x [G]y1xy2] &
1170                  x [F]y1y2x] = x [G]y1y2x])
1171proof -
1172  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] &
1173                                     x [F]y1xy2] = x [G]y1xy2] &
1174                                     x [F]y1y2x] = x [G]y1y2x])
1175    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1176          "→E" "&E" "≡I" "→I" by blast
1177  moreover AOT_have F and G
1178    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1179  ultimately show ?thesis
1180    using "≡S"(1) "&I" by blast
1181qed
1182
1183AOT_theorem "p-identity-thm2:2[4]":
1184  F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1185                     x [F]y1xy2y3] = x [G]y1xy2y3] &
1186                     x [F]y1y2xy3] = x [G]y1y2xy3] &
1187                     x [F]y1y2y3x] = x [G]y1y2y3x])
1188proof -
1189  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1190                                        x [F]y1xy2y3] = x [G]y1xy2y3] &
1191                                        x [F]y1y2xy3] = x [G]y1y2xy3] &
1192                                        x [F]y1y2y3x] = x [G]y1y2y3x])
1193    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1194          "→E" "&E" "≡I" "→I" by blast
1195  moreover AOT_have F and G
1196    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1197  ultimately show ?thesis
1198    using "≡S"(1) "&I" by blast
1199qed
1200
1201AOT_theorem "p-identity-thm2:2":
1202  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1203proof -
1204  AOT_have F = G  F & G &
1205              x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1206    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]"
1207          "→E" "&E" "≡I" "→I" by blast
1208  moreover AOT_have F and G
1209    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1210  ultimately show ?thesis
1211    using "≡S"(1) "&I" by blast
1212qed
1213
1214AOT_theorem "p-identity-thm2:3":
1215  p = q  x p] = x q]
1216proof -
1217  AOT_have p = q  p & q & x p] = x q]
1218    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]"
1219          "→E" "&E" "≡I" "→I" by blast
1220  moreover AOT_have p and q
1221    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1222  ultimately show ?thesis
1223    using "≡S"(1) "&I" by blast
1224qed
1225
1226class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
1227
1228instance κ :: AOT_Term_id_2
1229proof
1230  AOT_modally_strict {
1231    fix x
1232    {
1233      AOT_assume O!x
1234      moreover AOT_have F([F]x  [F]x)
1235        using RN GEN "oth-class-taut:3:a" by fast
1236      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
1237    }
1238    moreover {
1239      AOT_assume A!x
1240      moreover AOT_have F(x[F]  x[F])
1241        using RN GEN "oth-class-taut:3:a" by fast
1242      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
1243    }
1244    ultimately AOT_have (O!x & O!x & F([F]x  [F]x)) 
1245                         (A!x & A!x & F(x[F]  x[F]))
1246      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
1247    AOT_thus x = x
1248      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
1249  }
1250qed
1251
1252instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
1253proof
1254  AOT_modally_strict {
1255    fix F :: "<'a> AOT_var"
1256    AOT_have 0: x1...xn [F]x1...xn] = F
1257      by (simp add: "lambda-predicates:3"[axiom_inst])
1258    AOT_have x1...xn [F]x1...xn]
1259      by "cqt:2[lambda]"
1260    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1261      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1262    AOT_show F = F using "rule=E" 0 by force 
1263  }
1264qed
1265
1266instance 𝗈 :: AOT_Term_id_2
1267proof
1268  AOT_modally_strict {
1269    fix p
1270    AOT_have 0:  p] = p
1271      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1272    AOT_have  p]
1273      by (rule "cqt:2[lambda0]"[axiom_inst])
1274    AOT_hence  p] =  p]
1275      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1276    AOT_show p = p using "rule=E" 0 by force
1277  }
1278qed
1279
1280instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1281proof
1282  AOT_modally_strict {
1283    fix α :: ('a×'b) AOT_var›
1284    AOT_show α = α
1285    proof (induct)
1286      AOT_show τ = τ if τ for τ :: 'a×'b
1287        using that
1288      proof (induct τ)
1289        fix τ1 :: 'a and τ2 :: 'b
1290        AOT_assume «(τ1,τ2)»
1291        AOT_hence τ1 and τ2
1292          using "≡dfE" "&E" tuple_denotes by blast+
1293        AOT_hence τ1 = τ1 and τ2 = τ2
1294          using "id-eq:1"[unvarify α] by blast+
1295        AOT_thus «(τ1, τ2)» = «(τ1, τ2)»
1296          by (metis "≡dfI" "&I" tuple_identity_1)
1297      qed
1298    qed
1299  }
1300qed
1301
1302AOT_register_type_constraints
1303  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1304AOT_register_type_constraints
1305  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1306AOT_register_type_constraints
1307  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1308
1309(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1310AOT_theorem "id-eq:2": α = β  β = α
1311  by (meson "rule=E" "deduction-theorem")
1312
1313AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1314  using "rule=E" "→I" "&E" by blast
1315
1316AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1317proof (rule "≡I"; rule "→I")
1318  AOT_assume 0: α = β
1319  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1320  AOT_show γ (α = γ  β = γ)
1321    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1322next
1323  AOT_assume γ (α = γ  β = γ)
1324  AOT_hence α = α  β = α using "∀E"(2) by blast
1325  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1326  AOT_hence β = α using "id-eq:1" "→E" by blast
1327  AOT_thus α = β using "id-eq:2" "→E" by blast
1328qed
1329
1330AOT_theorem "rule=I:1":
1331  assumes τ
1332  shows τ = τ
1333proof -
1334  AOT_have α (α = α)
1335    by (rule GEN) (metis "id-eq:1")
1336  AOT_thus τ = τ using assms "∀E" by blast
1337qed
1338
1339AOT_theorem "rule=I:2[const_var]": "α = α"
1340  using "id-eq:1".
1341
1342AOT_theorem "rule=I:2[lambda]":
1343  assumes INSTANCE_OF_CQT_2(φ)
1344  shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1345proof -
1346  AOT_have α (α = α)
1347    by (rule GEN) (metis "id-eq:1")
1348  moreover AOT_have ν1...νn φ{ν1...νn}]
1349    using assms by (rule "cqt:2[lambda]"[axiom_inst])
1350  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]
1351    using assms "∀E" by blast
1352qed
1353
1354lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1355
1356AOT_theorem "rule-id-df:1":
1357  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1358  shows τ{τ1...τn} = σ{τ1...τn}
1359proof -
1360  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1361    using "df-rules-terms[3]" assms(1) "&E" by blast
1362  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1363    using assms(2) "→E" by blast
1364qed
1365
1366AOT_theorem "rule-id-df:1[zero]":
1367  assumes τ =df σ and σ
1368  shows τ = σ
1369proof -
1370  AOT_have σ  τ = σ
1371    using "df-rules-terms[4]" assms(1) "&E" by blast
1372  AOT_thus τ = σ
1373    using assms(2) "→E" by blast
1374qed
1375
1376AOT_theorem "rule-id-df:2:a":
1377  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1378  shows φ{σ{τ1...τn}}
1379proof -
1380  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1381  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1382qed
1383
1384(* TODO: get rid of this, ideally *)
1385AOT_theorem "rule-id-df:2:a[2]":
1386  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1387      and σ{«(τ1,τ2)»}
1388      and φ{τ{«(τ1,τ2)»}}
1389  shows φ{σ{«(τ1,τ2)»}}
1390proof -
1391  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1392  proof -
1393    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1394      (* NOTE: semantics needed *)
1395      using assms
1396      by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not
1397                    AOT_sem_denotes AOT_model_id_def)
1398    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1399      using assms(2) "→E" by blast
1400  qed
1401  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1402qed
1403
1404AOT_theorem "rule-id-df:2:a[zero]":
1405  assumes τ =df σ and σ and φ{τ}
1406  shows φ{σ}
1407proof -
1408  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1409  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1410qed
1411
1412lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1413
1414AOT_theorem "rule-id-df:2:b":
1415  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1416  shows φ{τ{τ1...τn}}
1417proof -
1418  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1419  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1420    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1421  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1422qed
1423
1424(* TODO: get rid of this, ideally *)
1425AOT_theorem "rule-id-df:2:b[2]":
1426  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1427      and σ{«(τ1,τ2)»}
1428      and φ{σ{«(τ1,τ2)»}}
1429  shows φ{τ{«(τ1,τ2)»}}
1430proof -
1431  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1432  proof -
1433    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1434      (* NOTE: semantics needed *)
1435      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq
1436                                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
1437    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1438      using assms(2) "→E" by blast
1439  qed
1440  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1441    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1442  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1443qed
1444
1445AOT_theorem "rule-id-df:2:b[zero]":
1446  assumes τ =df σ and σ and φ{σ}
1447  shows φ{τ}
1448proof -
1449  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1450  AOT_hence σ = τ
1451    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1452  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1453qed
1454
1455lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1456
1457AOT_theorem "free-thms:1": τ  β (β = τ)
1458  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1459
1460AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1461  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1462
1463AOT_theorem "free-thms:3[const_var]": β (β = α)
1464  by (meson "∃I"(2) "id-eq:1")
1465
1466AOT_theorem "free-thms:3[lambda]":
1467  assumes INSTANCE_OF_CQT_2(φ)
1468  shows β (β = ν1...νn φ{ν1...νn}])
1469  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1470
1471AOT_theorem "free-thms:4[rel]": ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1472  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1473            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1474
1475AOT_theorem "free-thms:4[vars]":
1476  ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1477  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1478            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1479
1480AOT_theorem "free-thms:4[1,rel]": ([Π]κ  κ[Π])  β (β = Π)
1481  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1482            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1483AOT_theorem "free-thms:4[1,1]": ([Π]κ  κ[Π])  β (β = κ)
1484  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1485            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1486
1487AOT_theorem "free-thms:4[2,rel]": ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1488  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1489            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1490AOT_theorem "free-thms:4[2,1]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1491  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1492            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1493AOT_theorem "free-thms:4[2,2]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1494  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1495            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1496AOT_theorem "free-thms:4[3,rel]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1497  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1498            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1499AOT_theorem "free-thms:4[3,1]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1500  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1501            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1502AOT_theorem "free-thms:4[3,2]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1503  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1504            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1505AOT_theorem "free-thms:4[3,3]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1506  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1507            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1508AOT_theorem "free-thms:4[4,rel]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1509  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1510            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1511AOT_theorem "free-thms:4[4,1]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1512  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1513            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1514AOT_theorem "free-thms:4[4,2]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1515  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1516            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1517AOT_theorem "free-thms:4[4,3]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1518  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1519            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1520AOT_theorem "free-thms:4[4,4]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1521  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1522            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1523
1524AOT_theorem "ex:1:a": α α
1525  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1526AOT_theorem "ex:1:b": αβ(β = α)
1527  by (rule GEN) (fact "free-thms:3[const_var]")
1528
1529AOT_theorem "ex:2:a": α
1530  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1531AOT_theorem "ex:2:b": β(β = α)
1532  by (rule RN) (fact "free-thms:3[const_var]")
1533
1534AOT_theorem "ex:3:a": α α
1535  by (rule RN) (fact "ex:1:a")
1536AOT_theorem "ex:3:b": αβ(β = α)
1537  by (rule RN) (fact "ex:1:b")
1538
1539AOT_theorem "ex:4:a": α α
1540  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1541AOT_theorem "ex:4:b": αβ(β = α)
1542  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1543
1544AOT_theorem "ex:5:a": α α
1545  by (rule RN) (simp add: "ex:4:a")
1546AOT_theorem "ex:5:b": αβ(β = α)
1547  by (rule RN) (simp add: "ex:4:b")
1548
1549AOT_theorem "all-self=:1": α(α = α)
1550  by (rule RN; rule GEN) (fact "id-eq:1")
1551AOT_theorem "all-self=:2": α(α = α)
1552  by (rule GEN; rule RN) (fact "id-eq:1")
1553
1554AOT_theorem "id-nec:1": α = β  (α = β)
1555proof(rule "→I")
1556  AOT_assume α = β
1557  moreover AOT_have (α = α)
1558    by (rule RN) (fact "id-eq:1")
1559  ultimately AOT_show (α = β) using "rule=E" by fast
1560qed
1561
1562AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1563proof(rule "→I")
1564  AOT_assume asm: τ = σ
1565  moreover AOT_have τ
1566    using calculation "t=t-proper:1" "→E" by blast
1567  moreover AOT_have (τ = τ)
1568    using calculation "all-self=:2" "∀E"(1) by blast
1569  ultimately AOT_show (τ = σ) using "rule=E" by fast
1570qed
1571
1572AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1573proof (rule "≡I"; rule "→I")
1574  AOT_assume asm: φ{α}
1575  AOT_show β (β = α & φ{β})
1576    by (rule "∃I"(2)[where β=α]; rule "&I")
1577       (auto simp: "id-eq:1" asm)
1578next
1579  AOT_assume 0: β (β = α & φ{β})
1580  AOT_obtain β where β = α & φ{β}
1581    using "∃E"[rotated, OF 0] by blast
1582  AOT_thus φ{α} using "&E" "rule=E" by blast
1583qed
1584
1585AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1586proof(rule "→I")
1587  AOT_assume τ
1588  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1589    by (rule GEN) (fact "term-out:1")
1590  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1591    using "∀E" by blast
1592qed
1593
1594(* TODO: example of an apply-style proof. Keep or reformulate? *)
1595AOT_theorem "term-out:3": (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1596  apply (rule "≡I"; rule "→I")
1597   apply (frule "&E"(1))
1598   apply (drule "&E"(2))
1599   apply (rule GEN; rule "≡I"; rule "→I")
1600  using "rule-ui:2[const_var]" "vdash-properties:5"
1601    apply blast
1602   apply (meson "rule=E" "id-eq:1")
1603  apply (rule "&I")
1604  using "id-eq:1" "≡E"(2) "rule-ui:3"
1605   apply blast
1606  apply (rule GEN; rule "→I")
1607  using "≡E"(1) "rule-ui:2[const_var]"
1608  by blast
1609
1610(* Note: generalized alphabetic variant of the last theorem. *)
1611AOT_theorem "term-out:4": (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1612  using "term-out:3" .
1613
1614(* TODO: would of course be nice to define it without the syntax magic *)
1615AOT_define AOT_exists_unique :: ‹α  φ  φ›
1616  "uniqueness:1": «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1617syntax "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1618AOT_syntax_print_translations
1619  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1620syntax
1621   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ›
1622   (∃!_...∃!_ _› [1,40])
1623parse_ast_translation1624[(syntax_const‹_AOT_exists_unique_ellipse›,
1625  fn ctx => fn [a,b,c] => Ast.mk_appl (Ast.Constant "AOT_exists_unique")
1626  [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1627 (syntax_const‹_AOT_exists_unique›,
1628  AOT_restricted_binder
1629    const_name‹AOT_exists_unique›
1630    const_syntax‹AOT_conj›)]
1631print_translationAOT_syntax_print_translations [
1632  AOT_preserve_binder_abs_tr'
1633    const_syntax‹AOT_exists_unique›
1634    syntax_const‹_AOT_exists_unique›
1635    (syntax_const‹_AOT_exists_unique_ellipse›, true)
1636    const_name‹AOT_conj›,
1637  AOT_binder_trans
1638    @{theory}
1639    @{binding "AOT_exists_unique_binder"}
1640    syntax_const‹_AOT_exists_unique›
1641]
1642
1643
1644context AOT_meta_syntax
1645begin
1646notation AOT_exists_unique (binder "!" 20)
1647end
1648context AOT_no_meta_syntax
1649begin
1650no_notation AOT_exists_unique (binder "!" 20)
1651end
1652
1653AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1654proof(rule "≡I"; rule "→I")
1655    AOT_assume ∃!α φ{α}
1656    AOT_hence α (φ{α} & β (φ{β}  β = α))
1657      using "uniqueness:1" "≡dfE" by blast
1658    then AOT_obtain α where φ{α} & β (φ{β}  β = α)
1659      using "instantiation"[rotated] by blast
1660    AOT_hence β(φ{β}  β = α)
1661      using "term-out:3" "≡E" by blast
1662    AOT_thus αβ(φ{β}  β = α)
1663      using "∃I" by fast
1664next
1665    AOT_assume αβ(φ{β}  β = α)
1666    then AOT_obtain α where β (φ{β}  β = α)
1667      using "instantiation"[rotated] by blast
1668    AOT_hence φ{α} & β (φ{β}  β = α)
1669      using "term-out:3" "≡E" by blast
1670    AOT_hence α (φ{α} & β (φ{β}  β = α))
1671      using "∃I" by fast
1672    AOT_thus ∃!α φ{α}
1673      using "uniqueness:1" "≡dfI" by blast
1674qed
1675
1676AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1677proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1678  fix β γ
1679  AOT_assume ∃!α φ{α}
1680  AOT_hence αβ(φ{β}  β = α)
1681    using "uniqueness:2" "≡E" by blast
1682  then AOT_obtain α where β(φ{β}  β = α)
1683    using "instantiation"[rotated] by blast
1684  moreover AOT_assume φ{β} & φ{γ}
1685  ultimately AOT_have β = α and γ = α
1686    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1687  AOT_thus β = γ
1688    by (metis "rule=E" "id-eq:2" "→E")
1689qed
1690
1691AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1692proof (rule "→I"; rule "→I")
1693  AOT_assume a: α(φ{α}  φ{α})
1694  AOT_assume ∃!α φ{α}
1695  AOT_hence α (φ{α} & β (φ{β}  β = α))
1696    using "uniqueness:1" "≡dfE" by blast
1697  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α)
1698    using "instantiation"[rotated] by blast
1699  AOT_have φ{α}
1700    using ξ a "&E" "∀E" "→E" by fast
1701  moreover AOT_have β (φ{β}  β = α)
1702    apply (rule GEN; rule "→I")
1703    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"]
1704          "qml:2"[axiom_inst, THEN "→E"] by blast
1705  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1706    using "&I" by blast
1707  AOT_thus ∃!α φ{α}
1708    using "uniqueness:1" "≡dfI" "∃I" by fast
1709qed
1710
1711subsection‹The Theory of Actuality and Descriptions›
1712text‹\label{PLM: 9.8}›
1713
1714AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1715  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1716
1717AOT_theorem "nec-imp-act": φ  𝒜φ
1718  by (metis "act-cond" "contraposition:1[2]" "≡E"(4)
1719            "qml:2"[THEN act_closure, axiom_inst]
1720            "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1721
1722AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1723  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst]
1724        "logic-actual-nec:4"[axiom_inst] by blast
1725
1726AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1727  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst]
1728            "logic-actual-nec:4"[axiom_inst] RAA(1))
1729
1730AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1731proof -
1732  AOT_have (φ  (ψ  (φ & ψ)))
1733    by (rule RN) (fact Adjunction)
1734  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1735    using "nec-imp-act" "→E" by blast
1736  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1737    using "act-cond" "→E" by blast
1738  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1739    by (fact "act-cond")
1740  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1741    using "→I" "→E" by metis
1742  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1743    by (metis Importation "→E")
1744qed
1745
1746AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1747proof -
1748  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1749    by (fact "act-conj-act:3")
1750  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1751    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1752  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1753    using "→E" by blast
1754  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1755    using "conventions:3"[THEN "df-rules-formulas[2]",
1756                          THEN act_closure, axiom_inst] by blast
1757  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1758    using "act-cond" "→E" by blast
1759  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1760qed
1761
1762(* TODO: consider introducing AOT_inductive *)
1763inductive arbitrary_actualization for φ where
1764  arbitrary_actualization φ «𝒜φ»
1765| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1766declare arbitrary_actualization.cases[AOT]
1767        arbitrary_actualization.induct[AOT]
1768        arbitrary_actualization.simps[AOT]
1769        arbitrary_actualization.intros[AOT]
1770syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop›
1771  ("ARBITRARY'_ACTUALIZATION'(_,_')")
1772
1773notepad
1774begin
1775  AOT_modally_strict {
1776    fix φ
1777    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1778      using AOT_PLM.arbitrary_actualization.intros by metis
1779    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1780      using AOT_PLM.arbitrary_actualization.intros by metis
1781    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1782      using AOT_PLM.arbitrary_actualization.intros by metis
1783  }
1784end
1785
1786
1787AOT_theorem "closure-act:1":
1788  assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ)
1789  shows ψ
1790using assms proof(induct)
1791  case 1
1792  AOT_show 𝒜(𝒜φ  φ)
1793    by (simp add: "act-conj-act:4")
1794next
1795  case (2 ψ)
1796  AOT_thus 𝒜ψ
1797    by (metis arbitrary_actualization.simps "≡E"(1)
1798              "logic-actual-nec:4"[axiom_inst])
1799qed
1800
1801AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1802  by (simp add: "act-conj-act:4" "∀I")
1803
1804AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1805  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "∀I"
1806            "logic-actual-nec:3"[axiom_inst]
1807            "logic-actual-nec:4"[axiom_inst])
1808
1809AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1810  using "closure-act:3" .
1811
1812(* TODO: examine these proofs *)
1813AOT_act_theorem "RA[1]":
1814  assumes  φ
1815  shows  𝒜φ
1816  ― ‹While this proof is rejected in PLM,
1817      we merely state it as modally-fragile rule,
1818      which addresses the concern in PLM.›
1819  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst]
1820        "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1821AOT_theorem "RA[2]":
1822  assumes  φ
1823  shows  𝒜φ
1824  ― ‹This rule is in fact a consequence of RN and
1825      does not require an appeal to the semantics itself.›
1826  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1827AOT_theorem "RA[3]":
1828  assumes Γ  φ
1829  shows 𝒜Γ  𝒜φ
1830  text‹This appears to only be derivable this is derivable
1831       from the semantics, but apparently no proof actually relies on it.
1832       If this turns out to be required, it is valid to derive it from the
1833       semantics just like RN, but we refrain from doing so, unless necessary.›
1834  (*  using assms by (meson AOT_sem_act imageI) *)
1835  oops
1836
1837AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1838  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem"
1839                "≡I" "logic-actual"[act_axiom_inst])
1840
1841AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1842  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1"
1843        "useful-tautologies:2" by blast
1844
1845AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1846  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1847
1848AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1849proof (rule "≡I"; rule "→I")
1850  AOT_assume 𝒜(φ & ψ)
1851  moreover AOT_have 𝒜((φ & ψ)  φ)
1852    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1853  moreover AOT_have 𝒜((φ & ψ)  ψ)
1854    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1855  ultimately AOT_show 𝒜φ & 𝒜ψ
1856    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1857next
1858  AOT_assume 𝒜φ & 𝒜ψ
1859  AOT_thus 𝒜(φ & ψ)
1860    using "act-conj-act:3" "vdash-properties:6" by blast
1861qed
1862
1863AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1864proof (rule "≡I"; rule "→I")
1865  AOT_assume 𝒜(φ  ψ)
1866  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1867    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1868  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1869    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1870  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1871    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1872next
1873  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1874  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1875    by (metis "act-conj-act:3" "vdash-properties:10")
1876  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1877    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]"
1878                  "vdash-properties:1[2]")
1879  ultimately AOT_show 𝒜(φ  ψ)
1880    using "act-cond"[THEN "→E", THEN "→E"] by metis
1881qed
1882
1883AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1884proof (rule "≡I"; rule "→I")
1885  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1886  AOT_show 𝒜φ  𝒜ψ
1887    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1888next
1889  AOT_assume 𝒜φ  𝒜ψ
1890  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1891    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1892qed
1893
1894AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1895  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1896
1897AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1898  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1899
1900AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1901  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act"
1902            "qml-act:2"[axiom_inst])
1903
1904AOT_theorem "Act-Basic:8": φ  𝒜φ
1905  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1906
1907AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1908proof (rule "≡I"; rule "→I")
1909  AOT_assume 𝒜(φ  ψ)
1910  AOT_thus 𝒜φ  𝒜ψ
1911  proof (rule "raa-cor:3")
1912    AOT_assume ¬(𝒜φ  𝒜ψ)
1913    AOT_hence ¬𝒜φ & ¬𝒜ψ
1914      by (metis "≡E"(1) "oth-class-taut:5:d")
1915    AOT_hence 𝒜¬φ & 𝒜¬ψ
1916      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1917    AOT_hence 𝒜(¬φ & ¬ψ)
1918      using "≡E" "Act-Basic:2" by metis
1919    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1920      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1921    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1922      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1923    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1924    AOT_thus ¬𝒜(φ  ψ)
1925      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1926  qed
1927next
1928  AOT_assume 𝒜φ  𝒜ψ
1929  AOT_thus 𝒜(φ  ψ)
1930    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1,2))
1931qed
1932
1933AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1934proof -
1935  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1936    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1937       (metis "logic-actual-nec:3"[axiom_inst])
1938  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1939    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1940       (rule "logic-actual-nec:1"[THEN universal_closure,
1941               axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1942  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1943    using "conventions:4"[THEN "df-rules-formulas[1]",
1944                          THEN act_closure, axiom_inst]
1945          "conventions:4"[THEN "df-rules-formulas[2]",
1946                          THEN act_closure, axiom_inst]
1947    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1948  also AOT_have   ¬𝒜α ¬φ{α}
1949    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1950  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1951  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1952  also AOT_have   α 𝒜 φ{α}
1953    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1954  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1955qed
1956
1957
1958AOT_theorem "Act-Basic:11": 𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1959proof(rule "≡I"; rule "→I")
1960  AOT_assume 𝒜α(φ{α}  ψ{α})
1961  AOT_hence α𝒜(φ{α}  ψ{α})
1962    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1963  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1964  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1965  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1966next
1967  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1968  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1969  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1970  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1971  AOT_thus 𝒜α(φ{α}  ψ{α})
1972    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1973qed
1974
1975AOT_act_theorem "act-quant-uniq": β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1976proof(rule "≡I"; rule "→I")
1977  AOT_assume β(𝒜φ{β}  β = α)
1978  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1979  AOT_hence φ{β}  β = α for β
1980    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
1981    by metis
1982  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1983next
1984  AOT_assume β(φ{β}  β = α)
1985  AOT_hence φ{β}  β = α for β using "∀E" by blast
1986  AOT_hence 𝒜φ{β}  β = α for β
1987    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
1988    by metis
1989  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
1990qed
1991
1992AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
1993  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
1994
1995AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
1996  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3"
1997        "fund-cont-desc" "≡E"(5) by blast
1998
1999
2000locale russel_axiom =
2001  fixes ψ
2002  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
2003begin
2004AOT_act_theorem "russell-axiom":
2005  ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
2006proof -
2007  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
2008    using hintikka "∀I" by fast
2009  show ?thesis
2010  proof(rule "≡I"; rule "→I")
2011    AOT_assume c: ψ{ιx φ{x}}
2012    AOT_hence d: ιx φ{x}
2013      using ψ_denotes_asm by blast
2014    AOT_hence y (y = ιx φ{x})
2015      by (metis "rule=I:1" "existential:1")
2016    then AOT_obtain a where a_def: a = ιx φ{x}
2017      using "instantiation"[rotated] by blast
2018    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a))
2019      using b "∀E" by blast
2020    ultimately AOT_have φ{a} & z(φ{z}  z = a)
2021      using "≡E" by blast
2022    moreover AOT_have ψ{a}
2023    proof - 
2024      AOT_have 1: xy(x = y  y = x)
2025        by (simp add: "id-eq:2" "universal-cor")
2026      AOT_have a = ιx φ{x}   ιx φ{x} = a
2027        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2028           (auto simp: 1 d "universal-cor")
2029      AOT_thus ψ{a}
2030        using a_def c "rule=E" "→E" by blast
2031    qed
2032    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
2033    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
2034  next
2035    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
2036    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b}
2037      using "instantiation"[rotated] by blast
2038    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b))
2039      using b "∀E" by blast
2040    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b}
2041      using g "&E" by blast+
2042    AOT_hence b = ιx φ{x} using h "≡E" by blast
2043    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
2044  qed
2045qed
2046end
2047
2048(* TODO: this nicely shows off using locales with the embedding,
2049         but maybe there is still a nicer way *)
2050(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these
2051         instantiation instead of referring to cqt:5:a - should be fixed *)
2052interpretation "russell-axiom[exe,1]": russel_axiom λ κ . «[Π]κ»
2053  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
2054interpretation "russell-axiom[exe,2,1,1]": russel_axiom λ κ . «[Π]κκ'»
2055  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
2056interpretation "russell-axiom[exe,2,1,2]": russel_axiom λ κ . «[Π]κ'κ»
2057  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2058interpretation "russell-axiom[exe,2,2]": russel_axiom λ κ . «[Π]κκ»
2059  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2060interpretation "russell-axiom[exe,3,1,1]": russel_axiom λ κ . «[Π]κκ'κ''»
2061  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2062interpretation "russell-axiom[exe,3,1,2]": russel_axiom λ κ . «[Π]κ'κκ''»
2063  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2064interpretation "russell-axiom[exe,3,1,3]": russel_axiom λ κ . «[Π]κ'κ''κ»
2065  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2066interpretation "russell-axiom[exe,3,2,1]": russel_axiom λ κ . «[Π]κκκ'»
2067  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2068interpretation "russell-axiom[exe,3,2,2]": russel_axiom λ κ . «[Π]κκ'κ»
2069  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2070interpretation "russell-axiom[exe,3,2,3]": russel_axiom λ κ . «[Π]κ'κκ»
2071  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2072interpretation "russell-axiom[exe,3,3]": russel_axiom λ κ . «[Π]κκκ»
2073  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2074
2075interpretation "russell-axiom[enc,1]": russel_axiom λ κ . «κ[Π]»
2076  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
2077interpretation "russell-axiom[enc,2,1]": russel_axiom λ κ . «κκ'[Π]»
2078  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
2079interpretation "russell-axiom[enc,2,2]": russel_axiom λ κ . «κ'κ[Π]»
2080  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2081interpretation "russell-axiom[enc,2,3]": russel_axiom λ κ . «κκ[Π]»
2082  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2083interpretation "russell-axiom[enc,3,1,1]": russel_axiom λ κ . «κκ'κ''[Π]»
2084  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2085interpretation "russell-axiom[enc,3,1,2]": russel_axiom λ κ . «κ'κκ''[Π]»
2086  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2087interpretation "russell-axiom[enc,3,1,3]": russel_axiom λ κ . «κ'κ''κ[Π]»
2088  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2089interpretation "russell-axiom[enc,3,2,1]": russel_axiom λ κ . «κκκ'[Π]»
2090  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2091interpretation "russell-axiom[enc,3,2,2]": russel_axiom λ κ . «κκ'κ[Π]»
2092  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2093interpretation "russell-axiom[enc,3,2,3]": russel_axiom λ κ . «κ'κκ[Π]»
2094  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2095interpretation "russell-axiom[enc,3,3]": russel_axiom λ κ . «κκκ[Π]»
2096  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2097
2098AOT_act_theorem "1-exists:1": ιx φ{x}  ∃!x φ{x}
2099proof(rule "≡I"; rule "→I")
2100  AOT_assume ιx φ{x}
2101  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2102  then AOT_obtain a where a = ιx φ{x}
2103    using "instantiation"[rotated] by blast
2104  AOT_hence φ{a} & z (φ{z}  z = a)
2105    using hintikka "≡E" by blast
2106  AOT_hence x (φ{x} & z (φ{z}  z = x))
2107    by (rule "∃I")
2108  AOT_thus ∃!x φ{x}
2109    using "uniqueness:1"[THEN "≡dfI"] by blast
2110next
2111  AOT_assume ∃!x φ{x}
2112  AOT_hence x (φ{x} & z (φ{z}  z = x))
2113    using "uniqueness:1"[THEN "≡dfE"] by blast
2114  then AOT_obtain b where φ{b} & z (φ{z}  z = b)
2115    using "instantiation"[rotated] by blast
2116  AOT_hence b = ιx φ{x}
2117    using hintikka "≡E" by blast
2118  AOT_thus ιx φ{x}
2119    by (metis "t=t-proper:2" "vdash-properties:6")
2120qed
2121
2122AOT_act_theorem "1-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
2123  using "1-exists:1" "free-thms:1" "≡E"(6) by blast
2124
2125AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
2126  using "&E"(1) "→I" hintikka "≡E"(1) by blast
2127
2128(* Note: generalized alphabetic variant of the last theorem *)
2129AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1".
2130
2131AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
2132proof(rule "→I")
2133  AOT_assume ιx φ{x}
2134  AOT_hence y (y = ιx φ{x})
2135    by (metis "rule=I:1" "existential:1")
2136  then AOT_obtain a where a = ιx φ{x}
2137    using "instantiation"[rotated] by blast
2138  moreover AOT_have φ{a}
2139    using calculation hintikka "≡E"(1) "&E" by blast
2140  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
2141qed
2142
2143AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
2144  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
2145
2146
2147AOT_theorem "act-quant-nec": β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
2148proof(rule "≡I"; rule "→I")
2149  AOT_assume β (𝒜φ{β}  β = α)
2150  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2151  AOT_hence 𝒜𝒜φ{β}  β = α for β 
2152    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2153  AOT_thus β(𝒜𝒜φ{β}  β = α)
2154    by (rule "∀I")
2155next
2156  AOT_assume β(𝒜𝒜φ{β}  β = α)
2157  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
2158  AOT_hence 𝒜φ{β}  β = α for β
2159    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2160  AOT_thus β (𝒜φ{β}  β = α)
2161    by (rule "∀I")
2162qed
2163
2164AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
2165proof -
2166  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)
2167    using descriptions[axiom_inst] by blast
2168  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
2169  proof(rule "≡I"; rule "→I"; rule "∀I")
2170    AOT_assume z (𝒜φ{z}  z = x)
2171    AOT_hence 𝒜φ{a}  a = x for a
2172      using "∀E" by blast
2173    AOT_thus 𝒜𝒜φ{a}  a = x for a
2174      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2175  next
2176    AOT_assume z (𝒜𝒜φ{z}  z = x)
2177    AOT_hence 𝒜𝒜φ{a}  a = x for a
2178      using "∀E" by blast
2179    AOT_thus 𝒜φ{a}  a = x for a
2180      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2181  qed
2182  also AOT_have ...  x = ιx(𝒜φ{x})
2183    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
2184  finally show ?thesis .
2185qed
2186
2187AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
2188proof(rule "→I")
2189  AOT_assume ιx φ{x}
2190  AOT_hence y (y = ιx φ{x})
2191    by (metis "rule=I:1" "existential:1")
2192  then AOT_obtain a where a = ιx φ{x}
2193    using "instantiation"[rotated] by blast
2194  moreover AOT_have a = ιx(𝒜φ{x})
2195    using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
2196  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x})
2197    using "rule=E" by fast
2198qed
2199
2200AOT_theorem "nec-hintikka-scheme": x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
2201proof -
2202  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x)
2203    using descriptions[axiom_inst] by blast
2204  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
2205    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
2206  finally show ?thesis.
2207qed
2208
2209AOT_theorem "equiv-desc-eq:1":
2210  𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2211proof(rule "→I"; rule "∀I")
2212  fix β
2213  AOT_assume 𝒜x(φ{x}  ψ{x})
2214  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2215    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
2216  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x
2217    by (metis "Act-Basic:5" "≡E"(1))
2218  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β)
2219    using "nec-hintikka-scheme" by blast
2220  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2221  proof (rule "≡I"; rule "→I")
2222    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
2223    AOT_hence 𝒜φ{z}  z = β for z
2224      using "&E" "∀E" by blast
2225    AOT_hence 𝒜ψ{z}  z = β for z
2226      using 0 "≡E" "→I" "→E" by metis
2227    AOT_hence z(𝒜ψ{z}  z = β)
2228      using "∀I" by fast
2229    moreover AOT_have 𝒜ψ{β}
2230      using "&E" 0[THEN "≡E"(1)] 1 by blast
2231    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2232      using "&I" by blast
2233  next
2234    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2235    AOT_hence 𝒜ψ{z}  z = β for z
2236      using "&E" "∀E" by blast
2237    AOT_hence 𝒜φ{z}  z = β for z
2238      using 0 "≡E" "→I" "→E" by metis
2239    AOT_hence z(𝒜φ{z}  z = β)
2240      using "∀I" by fast
2241    moreover AOT_have 𝒜φ{β}
2242      using "&E" 0[THEN "≡E"(2)] 1 by blast
2243    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β)
2244      using "&I" by blast
2245  qed
2246  also AOT_have ...  β = ιx ψ{x}
2247    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
2248  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
2249qed
2250
2251AOT_theorem "equiv-desc-eq:2":
2252  ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2253proof(rule "→I")
2254  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
2255  AOT_hence 0: y (y = ιx φ{x}) and
2256            1: x (x = ιx φ{x}  x = ιx ψ{x})
2257    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
2258  then AOT_obtain a where a = ιx φ{x}
2259    using "instantiation"[rotated] by blast
2260  moreover AOT_have a = ιx ψ{x}
2261    using calculation 1 "∀E" "≡E"(1) by fast
2262  ultimately AOT_show ιx φ{x} = ιx ψ{x}
2263    using "rule=E" by fast
2264qed
2265
2266AOT_theorem "equiv-desc-eq:3":
2267  ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2268  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E"
2269        "nec-imp-act"[THEN "→E"] by metis
2270
2271(* Note: this is a special case of "exist-nec" *)
2272AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
2273proof(rule "→I")
2274  AOT_assume ιx φ{x}
2275  AOT_hence y (y = ιx φ{x})
2276    by (metis "rule=I:1" "existential:1")
2277  then AOT_obtain a where a = ιx φ{x}
2278    using "instantiation"[rotated] by blast
2279  AOT_thus ιx φ{x}
2280    using "ex:2:a" "rule=E" by fast
2281qed
2282
2283AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
2284proof(rule "→I")
2285  AOT_assume ιx φ{x}
2286  AOT_hence y (y = ιx φ{x})
2287    by (metis "rule=I:1" "existential:1")
2288  then AOT_obtain a where a = ιx φ{x}
2289    using "instantiation"[rotated] by blast
2290  AOT_hence (a = ιx φ{x})
2291    by (metis "id-nec:2" "vdash-properties:10")
2292  AOT_thus y (y = ιx φ{x})
2293    by (rule "∃I")
2294qed
2295
2296AOT_act_theorem "equiv-desc-eq2:1":
2297  x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2298  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2299        "equiv-desc-eq:1"[THEN "→E"]
2300        "RA[1]" "deduction-theorem" by blast
2301
2302AOT_act_theorem "equiv-desc-eq2:2":
2303  ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2304  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2305        "equiv-desc-eq:2"[THEN "→E", OF "&I"]
2306        "RA[1]" "deduction-theorem" "&E" by metis
2307
2308context russel_axiom
2309begin
2310AOT_theorem "nec-russell-axiom":
2311  ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2312proof -
2313  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
2314    using "nec-hintikka-scheme" "∀I" by fast
2315  show ?thesis
2316  proof(rule "≡I"; rule "→I")
2317    AOT_assume c: ψ{ιx φ{x}}
2318    AOT_hence d: ιx φ{x}
2319      using ψ_denotes_asm by blast
2320    AOT_hence y (y = ιx φ{x})
2321      by (metis "rule=I:1" "existential:1")
2322    then AOT_obtain a where a_def: a = ιx φ{x}
2323      using "instantiation"[rotated] by blast
2324    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a))
2325      using b "∀E" by blast
2326    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a)
2327      using "≡E" by blast
2328    moreover AOT_have ψ{a}
2329    proof - 
2330      AOT_have 1: xy(x = y  y = x)
2331        by (simp add: "id-eq:2" "universal-cor")
2332      AOT_have a = ιx φ{x}   ιx φ{x} = a
2333        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2334           (auto simp: d "universal-cor" 1)
2335      AOT_thus ψ{a}
2336        using a_def c "rule=E" "→E" by metis
2337    qed
2338    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a}
2339      by (rule "&I")
2340    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2341      by (rule "∃I")
2342  next
2343    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2344    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b}
2345      using "instantiation"[rotated] by blast
2346    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b))
2347      using b "∀E" by blast
2348    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b}
2349      using g "&E" by blast+
2350    AOT_hence b = ιx φ{x}
2351      using h "≡E" by blast
2352    AOT_thus ψ{ιx φ{x}}
2353      using j "rule=E" by blast
2354  qed
2355qed
2356end
2357
2358AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
2359proof (rule "≡I"; rule "→I")
2360  AOT_assume ιx φ{x}
2361  AOT_hence y (y = ιx φ{x})
2362    by (metis "rule=I:1" "existential:1")
2363  then AOT_obtain a where a = ιx φ{x}
2364    using "instantiation"[rotated] by blast
2365  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2366    using descriptions[axiom_inst] by blast
2367  ultimately AOT_have z(𝒜φ{z}  z = a)
2368    using "≡E" by blast
2369  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
2370  AOT_thus ∃!x 𝒜φ{x}
2371    using "uniqueness:2"[THEN "≡E"(2)] by fast
2372next
2373  AOT_assume ∃!x 𝒜φ{x}
2374  AOT_hence xz(𝒜φ{z}  z = x)
2375    using "uniqueness:2"[THEN "≡E"(1)] by fast
2376  then AOT_obtain a where z(𝒜φ{z}  z = a)
2377    using "instantiation"[rotated] by blast
2378  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2379    using descriptions[axiom_inst] by blast
2380  ultimately AOT_have a = ιx φ{x}
2381    using "≡E" by blast
2382  AOT_thus ιx φ{x}
2383    by (metis "t=t-proper:2" "vdash-properties:6")
2384qed
2385
2386AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
2387  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme"
2388        "reductio-aa:2" "vdash-properties:9" by blast
2389
2390(* Note: generalized alphabetic variant of the last theorem *)
2391AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
2392  using "actual-desc:2".
2393
2394AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
2395proof(rule "→I")
2396  AOT_assume ιx φ{x}
2397  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2398  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
2399  AOT_thus 𝒜φ{ιx φ{x}}
2400    using "actual-desc:2" "rule=E" "→E" by fast
2401qed
2402
2403(* TODO: take another look at proof in PLM *)
2404AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
2405proof(rule "→I")
2406  AOT_assume 0: ιx φ{x} = ιx ψ{x}
2407  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
2408    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
2409  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x})
2410    by (metis "rule=I:1" "existential:1")+
2411  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
2412    using "instantiation"[rotated] by metis
2413
2414  AOT_have αβ (α = β  β = α)
2415    by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2416  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2417    using "∀E" φ_down by blast
2418  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2419    using "∀E" ψ_down by blast
2420  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2421    "→E" by blast
2422
2423  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2424  proof(rule "≡I"; rule "→I")
2425    AOT_assume 𝒜φ{x}
2426    moreover AOT_have 𝒜φ{x}  x = a for x
2427      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)]
2428            "∀E" by blast
2429    ultimately AOT_have x = a
2430      using "→E" by blast
2431    AOT_hence x = ιx φ{x}
2432      using a_eq "rule=E" by blast
2433    AOT_hence x = ιx ψ{x}
2434      using 0 "rule=E" by blast
2435    AOT_thus 𝒜ψ{x}
2436      by (metis "actual-desc:3" "vdash-properties:6")
2437  next
2438    AOT_assume 𝒜ψ{x}
2439    moreover AOT_have 𝒜ψ{x}  x = b for x
2440      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)]
2441            "∀E" by blast
2442    ultimately AOT_have x = b
2443      using "→E" by blast
2444    AOT_hence x = ιx ψ{x}
2445      using b_eq "rule=E" by blast
2446    AOT_hence x = ιx φ{x}
2447      using 1 "rule=E" by blast
2448    AOT_thus 𝒜φ{x}
2449      by (metis "actual-desc:3" "vdash-properties:6")
2450  qed
2451  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2452    by (metis "Act-Basic:5" "≡E"(2))
2453  AOT_hence x 𝒜(φ{x}  ψ{x})
2454    by (rule "∀I")
2455  AOT_thus 𝒜x (φ{x}  ψ{x})
2456    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2457qed    
2458
2459AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2460proof(rule "→I")
2461  AOT_assume ∃!x φ{x}
2462  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2463    using "uniqueness:1"[THEN "≡dfE"] by blast
2464  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b)
2465    using "instantiation"[rotated] by blast
2466  AOT_show y (y = ιx φ{x}  φ{y})
2467  proof(rule GEN; rule "→I")
2468    fix y
2469    AOT_assume y = ιx φ{x}
2470    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y)
2471      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2472    AOT_hence 𝒜φ{b}  b = y
2473      using "&E" "∀E" by blast
2474    moreover AOT_have 𝒜φ{b}
2475      using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2476    ultimately AOT_have b = y
2477      using "→E" by blast
2478    moreover AOT_have φ{b}
2479      using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2480    ultimately AOT_show φ{y}
2481      using "rule=E" by blast
2482  qed
2483qed
2484
2485AOT_theorem "!box-desc:2":
2486  x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2487proof(rule "→I"; rule "→I")
2488  AOT_assume x (φ{x}  φ{x})
2489  moreover AOT_assume ∃!x φ{x}
2490  ultimately AOT_have ∃!x φ{x}
2491    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2492  AOT_thus y (y = ιx φ{x}  φ{y})
2493    using "!box-desc:1" "→E" by blast
2494qed
2495
2496(* Note: vacuous in the embedding. *)
2497AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ}
2498  by (simp add: "rule=I:1" "→I")
2499
2500subsection‹The Theory of Necessity›
2501text‹\label{PLM: 9.9}›
2502
2503AOT_theorem "RM:1[prem]":
2504  assumes Γ  φ  ψ
2505  shows Γ  φ  ψ
2506proof -
2507  AOT_have Γ  (φ  ψ)
2508    using "RN[prem]" assms by blast
2509  AOT_thus Γ  φ  ψ
2510    by (metis "qml:1"[axiom_inst] "→E")
2511qed
2512
2513AOT_theorem "RM:1":
2514  assumes  φ  ψ
2515  shows  φ  ψ
2516  using "RM:1[prem]" assms by blast
2517
2518lemmas RM = "RM:1"
2519
2520AOT_theorem "RM:2[prem]":
2521  assumes Γ  φ  ψ
2522  shows Γ  φ  ψ
2523proof -
2524  AOT_have Γ  ¬ψ  ¬φ
2525    using assms 
2526    by (simp add: "contraposition:1[1]")
2527  AOT_hence Γ  ¬ψ  ¬φ
2528    using "RM:1[prem]" by blast
2529  AOT_thus Γ  φ  ψ
2530    by (meson "≡dfE" "≡dfI" "conventions:5" "→I" "modus-tollens:1")
2531qed
2532
2533AOT_theorem "RM:2":
2534  assumes  φ  ψ
2535  shows  φ  ψ
2536  using "RM:2[prem]" assms by blast
2537
2538lemmas "RM◇" = "RM:2"
2539
2540AOT_theorem "RM:3[prem]":
2541  assumes Γ  φ  ψ
2542  shows Γ  φ  ψ
2543proof -
2544  AOT_have Γ  φ  ψ and Γ  ψ  φ
2545    using assms "≡E" "→I" by metis+
2546  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2547    using "RM:1[prem]" by metis+
2548  AOT_thus Γ  φ  ψ
2549    by (simp add: "≡I")
2550qed
2551
2552AOT_theorem "RM:3":
2553  assumes  φ  ψ
2554  shows  φ  ψ
2555  using "RM:3[prem]" assms by blast
2556
2557lemmas RE = "RM:3"
2558
2559AOT_theorem "RM:4[prem]":
2560  assumes Γ  φ  ψ
2561  shows Γ  φ  ψ
2562proof -
2563  AOT_have Γ  φ  ψ and Γ  ψ  φ
2564    using assms "≡E" "→I" by metis+
2565  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2566    using "RM:2[prem]" by metis+
2567  AOT_thus Γ  φ  ψ
2568    by (simp add: "≡I")
2569qed
2570
2571AOT_theorem "RM:4":
2572  assumes  φ  ψ
2573  shows  φ  ψ
2574  using "RM:4[prem]" assms by blast
2575
2576lemmas "RE◇" = "RM:4"
2577
2578AOT_theorem "KBasic:1": φ  (ψ  φ)
2579  by (simp add: RM "pl:1"[axiom_inst])
2580
2581AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2582  by (simp add: RM "useful-tautologies:3")
2583
2584AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2585proof (rule "≡I"; rule "→I")
2586  AOT_assume (φ & ψ)
2587  AOT_thus φ & ψ
2588    by (meson RM "&I" "Conjunction Simplification"(1, 2) "→E")
2589next
2590  AOT_have φ  (ψ  (φ & ψ))
2591    by (simp add: "RM:1" Adjunction)
2592  AOT_hence φ  (ψ  (φ & ψ))
2593    by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2594  moreover AOT_assume φ & ψ
2595  ultimately AOT_show (φ & ψ)
2596    using "→E" "&E" by blast
2597qed
2598
2599AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2600proof -
2601  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2602    by (fact "KBasic:3")
2603  AOT_modally_strict {
2604    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2605      by (fact "conventions:3"[THEN "≡Df"])
2606  }
2607  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2608    by (rule RE)
2609  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2610    using "≡E"(5) by blast
2611qed
2612
2613AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2614proof -
2615  AOT_have (φ  ψ)  (φ  ψ)
2616    by (fact "qml:1"[axiom_inst])
2617  moreover AOT_have (ψ  φ)  (ψ  φ)
2618    by (fact "qml:1"[axiom_inst])
2619  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2620    by (metis "&I" MP "Double Composition")
2621  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2622    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2623  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2624    by (metis "Hypothetical Syllogism")
2625qed
2626
2627AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2628  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "→E" by blast
2629AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2630proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2631  AOT_assume φ & ψ
2632  AOT_hence φ and ψ using "&E" by blast+
2633  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2634  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2635  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2636next
2637  AOT_assume ¬φ & ¬ψ
2638  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2639  AOT_modally_strict {
2640    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2641      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2642  }
2643  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2644    by (rule RM)
2645  AOT_thus (φ  ψ) using 0 "→E" by blast
2646qed(auto)
2647
2648AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2649  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2650AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2651  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2652AOT_theorem "KBasic:10": φ  ¬¬φ
2653  by (simp add: "RM:3" "oth-class-taut:3:b")
2654AOT_theorem "KBasic:11": ¬φ  ¬φ
2655proof (rule "≡I"; rule "→I")
2656  AOT_show ¬φ if ¬φ
2657    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2658next
2659  AOT_show ¬φ if ¬φ
2660    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2661qed
2662AOT_theorem "KBasic:12": φ  ¬¬φ
2663proof (rule "≡I"; rule "→I")
2664  AOT_show ¬¬φ if φ
2665    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2666next
2667  AOT_show φ if ¬¬φ
2668  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2669qed
2670AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2671proof -
2672  AOT_have φ  ψ  φ  ψ by blast
2673  AOT_hence (φ  ψ)  φ  ψ
2674    using "RM:2[prem]" by blast
2675  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2676qed
2677lemmas "K◇" = "KBasic:13"
2678AOT_theorem "KBasic:14": φ  ¬¬φ
2679  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2680AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2681proof -
2682  AOT_modally_strict {
2683    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2684      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2685  }
2686  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2687    using RM by blast+
2688  AOT_thus (φ  ψ)  (φ  ψ)
2689    by (metis "∨E"(1) "deduction-theorem")
2690qed
2691
2692AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2693  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism"
2694            Importation "→E")
2695
2696AOT_theorem "rule-sub-lem:1:a":
2697  assumes  (ψ  χ)
2698  shows  ¬ψ  ¬χ
2699  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2700        "≡E"(1) "oth-class-taut:4:b" by blast
2701
2702AOT_theorem "rule-sub-lem:1:b":
2703  assumes  (ψ  χ)
2704  shows  (ψ  Θ)  (χ  Θ)
2705  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2706  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2707
2708AOT_theorem "rule-sub-lem:1:c":
2709  assumes  (ψ  χ)
2710  shows  (Θ  ψ)  (Θ  χ)
2711  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2712  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2713
2714AOT_theorem "rule-sub-lem:1:d":
2715  assumes for arbitrary α:  (ψ{α}  χ{α})
2716  shows  α ψ{α}  α χ{α}
2717proof -
2718  AOT_modally_strict {
2719    AOT_have α (ψ{α}  χ{α})
2720      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2721    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2722    AOT_show α ψ{α}  α χ{α}
2723    proof (rule "≡I"; rule "→I")
2724      AOT_assume α ψ{α}
2725      AOT_hence ψ{α} for α using "∀E" by blast
2726      AOT_hence χ{α} for α using 0 "≡E" by blast
2727      AOT_thus α χ{α} by (rule "∀I")
2728    next
2729      AOT_assume α χ{α}
2730      AOT_hence χ{α} for α using "∀E" by blast
2731      AOT_hence ψ{α} for α using 0 "≡E" by blast
2732      AOT_thus α ψ{α} by (rule "∀I")
2733    qed
2734  }
2735qed
2736
2737AOT_theorem "rule-sub-lem:1:e":
2738  assumes  (ψ  χ)
2739  shows   ψ]   χ]
2740  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2741  using "≡E"(1) "propositions-lemma:6" by blast
2742
2743AOT_theorem "rule-sub-lem:1:f":
2744  assumes  (ψ  χ)
2745  shows  𝒜ψ  𝒜χ
2746  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2747  by (metis "Act-Basic:5" "≡E"(1))
2748
2749AOT_theorem "rule-sub-lem:1:g":
2750  assumes  (ψ  χ)
2751  shows  ψ  χ
2752  using "KBasic:6" assms "vdash-properties:6" by blast
2753
2754text‹Note that instead of deriving @{text "rule-sub-lem:2"},
2755     @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2756     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2757
2758class AOT_subst =
2759  fixes AOT_subst :: "('a  𝗈)  bool"
2760    and AOT_subst_cond :: "'a  'a  bool"
2761  assumes AOT_subst:
2762    "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2763
2764named_theorems AOT_substI
2765
2766instantiation 𝗈 :: AOT_subst
2767begin
2768
2769inductive AOT_subst_𝗈 where
2770  AOT_subst_𝗈_id[AOT_substI]:
2771    AOT_subst_𝗈 (λφ. φ)
2772  | AOT_subst_𝗈_const[AOT_substI]:
2773    AOT_subst_𝗈 (λφ. ψ)
2774  | AOT_subst_𝗈_not[AOT_substI]:
2775    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)
2776  | AOT_subst_𝗈_imp[AOT_substI]:
2777    AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)
2778  | AOT_subst_𝗈_lambda0[AOT_substI]:
2779    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))
2780  | AOT_subst_𝗈_act[AOT_substI]:
2781    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)
2782  | AOT_subst_𝗈_box[AOT_substI]:
2783    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)
2784  | AOT_subst_𝗈_by_def[AOT_substI]:
2785    ( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ)) 
2786      AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ
2787
2788
2789definition AOT_subst_cond_𝗈 where
2790  AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]
2791
2792instance
2793proof
2794  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2795  assume cond: ‹AOT_subst_cond ψ χ
2796  assume ‹AOT_subst φ
2797  moreover AOT_have  ψ  χ
2798    using cond unfolding AOT_subst_cond_𝗈_def by blast
2799  ultimately AOT_show  φ{ψ}  φ{χ}
2800  proof (induct arbitrary: ψ χ)
2801    case AOT_subst_𝗈_id
2802    thus ?case
2803      using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2804  next
2805    case (AOT_subst_𝗈_const ψ)
2806    thus ?case
2807      by (simp add: "oth-class-taut:3:a")
2808  next
2809    case (AOT_subst_𝗈_not Θ)
2810    thus ?case
2811      by (simp add: RN "rule-sub-lem:1:a")
2812  next
2813    case (AOT_subst_𝗈_imp Θ Ξ)
2814    thus ?case
2815      by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2816  next
2817    case (AOT_subst_𝗈_lambda0 Θ)
2818    thus ?case
2819      by (simp add: RN "rule-sub-lem:1:e")
2820  next
2821    case (AOT_subst_𝗈_act Θ)
2822    thus ?case
2823      by (simp add: RN "rule-sub-lem:1:f")
2824  next
2825    case (AOT_subst_𝗈_box Θ)
2826    thus ?case
2827      by (simp add: RN "rule-sub-lem:1:g")
2828  next
2829    case (AOT_subst_𝗈_by_def Θ Ξ)
2830    AOT_modally_strict {
2831      AOT_have Ξ{ψ}  Ξ{χ}
2832        using AOT_subst_𝗈_by_def by simp
2833      AOT_thus Θ{ψ}  Θ{χ}
2834        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ]
2835              "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2836        by (metis "≡E"(6) "oth-class-taut:3:a")
2837    }
2838  qed
2839qed
2840end
2841
2842instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2843begin
2844
2845definition AOT_subst_cond_fun :: ('a  'b)  ('a  'b)  bool› where
2846  AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α))
2847                                                      (ψ (AOT_term_of_var α))
2848
2849inductive AOT_subst_fun :: (('a  'b)  𝗈)  bool› where
2850  AOT_subst_fun_const[AOT_substI]:
2851    AOT_subst_fun (λφ. ψ)
2852  | AOT_subst_fun_id[AOT_substI]:
2853    ‹AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))
2854  | AOT_subst_fun_all[AOT_substI]:
2855    ‹AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α))) 
2856     AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)
2857  | AOT_subst_fun_not[AOT_substI]:
2858    ‹AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)
2859  | AOT_subst_fun_imp[AOT_substI]:
2860    ‹AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)
2861  | AOT_subst_fun_lambda0[AOT_substI]:
2862    ‹AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))
2863  | AOT_subst_fun_act[AOT_substI]:
2864    ‹AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)
2865  | AOT_subst_fun_box[AOT_substI]:
2866    ‹AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)
2867  | AOT_subst_fun_def[AOT_substI]:
2868    ( φ . AOT_model_equiv_def (Θ φ) (Ψ φ)) 
2869     AOT_subst_fun Ψ  AOT_subst_fun Θ
2870
2871instance proof
2872  fix ψ χ :: 'a  'b and φ :: ('a  'b)  𝗈›
2873  assume ‹AOT_subst φ
2874  moreover assume cond: ‹AOT_subst_cond ψ χ
2875  ultimately AOT_show  «φ ψ»  «φ χ»
2876  proof(induct)
2877    case (AOT_subst_fun_const ψ)
2878    then show ?case by (simp add: "oth-class-taut:3:a")
2879  next
2880  case (AOT_subst_fun_id Ψ x)
2881  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2882  next
2883  next
2884  case (AOT_subst_fun_all Ψ Θ)
2885  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2886    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2887  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2888    by (simp add: RN "rule-sub-lem:1:d"
2889                  AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2890  next
2891  case (AOT_subst_fun_not Ψ)
2892  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2893  next
2894  case (AOT_subst_fun_imp Ψ Θ)
2895  then show ?case 
2896    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2897    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "→E")
2898  next
2899  case (AOT_subst_fun_lambda0 Θ)
2900  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2901  next
2902  case (AOT_subst_fun_act Θ)
2903  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2904  next
2905  case (AOT_subst_fun_box Θ)
2906  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2907  next
2908  case (AOT_subst_fun_def Θ Ψ)
2909  then show ?case
2910    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2911  qed
2912qed
2913end
2914
2915ML2916fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2917  fun findHeadConst (Const x) = SOME x
2918    | findHeadConst (A $ _) = findHeadConst A
2919    | findHeadConst _ = NONE
2920  fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _)
2921      = findHeadConst lhs
2922    | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2923    | findDef (Abs (_,_,c)) = findDef c
2924    | findDef _ = NONE
2925  val const_opt = (findDef trm)
2926  val defs = case const_opt of SOME const => List.filter (fn thm => let
2927      val concl = Thm.concl_of thm
2928      val thmconst = (findDef concl)
2929      in case thmconst of SOME (c,_) => fst const = c | _ => false end)
2930      (AOT_Definitions.get ctxt)
2931      | _ => []
2932  val tac = case defs of
2933            [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2934            | _ => resolve_tac ctxt defs 1
2935  in tac end) 1)
2936fun getSubstThm ctxt reversed phi p q = let
2937val p_ty = Term.type_of p
2938val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2939val abs = Syntax.check_term ctxt abs
2940val substThm = Goal.prove ctxt [] [] abs
2941  (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2942val substThm = substThm RS @{thm AOT_subst}
2943in if reversed then let
2944  val substThm = Drule.instantiate_normalize
2945          ([],[((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2946          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2947  val substThm = substThm RS @{thm "≡E"(1)}
2948  in substThm end
2949else
2950  let
2951  val substThm = Drule.instantiate_normalize
2952          ([],[((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2953          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2954  val substThm = substThm RS @{thm "≡E"(2)}
2955  in substThm end end
2956
2957
2958method_setup AOT_subst = 2959Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2960Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax) --
2961Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |--
2962Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) --
2963Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
2964>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
2965(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
2966  prems = prems, asms = asms, concl = concl, schematics = _} =>
2967let
2968val thms = prems
2969val ctxt' = ctxt
2970val ctxt = Context_Position.set_visible false ctxt
2971val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
2972
2973val ctxt = (fold (fn (bound, ty) => fn ctxt =>
2974  let
2975    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
2976    val ty = Option.map (Syntax.read_typ ctxt) ty
2977    val ctxt = case ty of SOME ty => let
2978        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
2979        val bound = Syntax.check_term ctxt bound
2980      in Variable.declare_term bound ctxt end | _ => ctxt
2981  in ctxt end)) raw_bounds ctxt
2982
2983val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
2984val p = Syntax.check_term ctxt p
2985val ctxt = Variable.declare_term p ctxt
2986val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
2987val q = Syntax.check_term ctxt q
2988val ctxt = Variable.declare_term q ctxt
2989
2990val bounds = (map (fn (bound, _) =>
2991  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound)
2992)) raw_bounds
2993val p = fold (fn bound => fn p =>
2994  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)))
2995  bounds p
2996val p = Syntax.check_term ctxt p
2997val p_ty = Term.type_of p
2998
2999val pat = @{const Trueprop} $
3000  (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $
3001   (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
3002val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
3003val univ = hd (Seq.list_of univ) (* TODO: choose? try all? filter? *)
3004val phi = the (Envir.lookup univ
3005  (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
3006
3007val q = fold (fn bound => fn q =>
3008  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q))) bounds q
3009val q = Syntax.check_term ctxt q
3010
3011(* Reparse to report bounds as fixes. *)
3012val ctxt = Context_Position.restore_visible ctxt' ctxt
3013val ctxt' = ctxt
3014fun unsource str = fst (Input.source_content (Syntax.read_input str))
3015val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) =>
3016  (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds)
3017  ctxt'
3018val _ = (map (fn (x,_) =>
3019  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x)))
3020  raw_bounds
3021val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
3022val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
3023val reversed = case reversed of SOME _ => true | _ => false
3024val simpThms = [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]
3025in
3026resolve_tac ctxt [getSubstThm ctxt reversed phi p q] 1
3027THEN simp_tac (ctxt addsimps simpThms) 1
3028THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
3029THEN (TRY (resolve_tac ctxt thms 1))
3030end
3031) ctxt 1))))
3032
3033
3034method_setup AOT_subst_def = 3035Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3036Attrib.thm
3037>> (fn (reversed,fact) => (fn ctxt =>
3038(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3039  prems = prems, asms = asms, concl = concl, schematics = _} =>
3040let
3041val c = Thm.concl_of fact
3042val (lhs, rhs) = case c of (const‹Trueprop› $
3043    (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
3044  | _ => raise Fail "Definition expected."
3045val substCond = HOLogic.mk_Trueprop
3046  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3047val substCond = Syntax.check_term
3048  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3049  substCond
3050val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3051  @{thm AOT_subst_cond_fun_def},
3052  fact RS @{thm "≡Df"}]
3053val substCondThm = Goal.prove ctxt [] [] substCond
3054  (fn {context=ctxt, prems=prems} =>
3055      (SUBGOAL (fn (trm,int) =>
3056        auto_tac (ctxt addsimps simpThms)) 1))
3057val substThm = substCondThm RSN (2,@{thm AOT_subst})
3058in
3059resolve_tac ctxt [substThm RS
3060  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3061THEN prove_AOT_subst_tac ctxt
3062THEN (TRY (resolve_tac ctxt prems 1))
3063end
3064) ctxt 1))))
3065
3066
3067method_setup AOT_subst_thm = 3068Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3069Attrib.thm
3070>> (fn (reversed,fact) => (fn ctxt =>
3071(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3072  prems = prems, asms = asms, concl = concl, schematics = _} =>
3073let
3074val c = Thm.concl_of fact
3075val (lhs, rhs) = case c of
3076  (const‹Trueprop› $
3077   (const‹AOT_model_valid_in› $ _ $
3078    (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
3079  | _ => raise Fail "Equivalence expected."
3080
3081val substCond = HOLogic.mk_Trueprop
3082  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3083val substCond = Syntax.check_term
3084  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3085  substCond
3086val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3087  @{thm AOT_subst_cond_fun_def},
3088  fact]
3089val substCondThm = Goal.prove ctxt [] [] substCond
3090  (fn {context=ctxt, prems=prems} =>
3091      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps simpThms)) 1))
3092val substThm = substCondThm RSN (2,@{thm AOT_subst})
3093in
3094resolve_tac ctxt [substThm RS
3095  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3096THEN prove_AOT_subst_tac ctxt
3097THEN (TRY (resolve_tac ctxt prems 1))
3098end
3099) ctxt 1))))
3100
3101
3102AOT_theorem "rule-sub-remark:1[1]":
3103  assumes  A!x  ¬E!x and ¬A!x
3104  shows ¬¬E!x
3105  by (AOT_subst (reverse) ¬E!x A!x)
3106     (auto simp: assms) 
3107
3108AOT_theorem "rule-sub-remark:1[2]":
3109  assumes  A!x  ¬E!x and  ¬¬E!x
3110  shows ¬A!x
3111  by (AOT_subst A!x ¬E!x)
3112     (auto simp: assms)
3113
3114AOT_theorem "rule-sub-remark:2[1]":
3115  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3116      and p  [R]xy
3117  shows p  [R]xy & ([Q]a  ¬[Q]a)
3118  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3119
3120AOT_theorem "rule-sub-remark:2[2]":
3121  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3122      and p  [R]xy & ([Q]a  ¬[Q]a)
3123  shows p  [R]xy
3124  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3125
3126AOT_theorem "rule-sub-remark:3[1]":
3127  assumes for arbitrary x:  A!x  ¬E!x
3128      and x A!x
3129    shows x ¬E!x
3130  by (AOT_subst (reverse) ¬E!x A!x for: x)
3131     (auto simp: assms)
3132
3133AOT_theorem "rule-sub-remark:3[2]":
3134  assumes for arbitrary x:  A!x  ¬E!x
3135      and x ¬E!x
3136    shows x A!x
3137  by (AOT_subst A!x ¬E!x for: x)
3138     (auto simp: assms)
3139
3140AOT_theorem "rule-sub-remark:4[1]":
3141  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x
3142  shows 𝒜[P]x
3143  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3144
3145AOT_theorem "rule-sub-remark:4[2]":
3146  assumes  ¬¬[P]x  [P]x and 𝒜[P]x
3147  shows 𝒜¬¬[P]x
3148  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3149
3150AOT_theorem "rule-sub-remark:5[1]":
3151  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ)
3152  shows (¬ψ  ¬φ)
3153  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3154
3155AOT_theorem "rule-sub-remark:5[2]":
3156  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ)
3157  shows (φ  ψ) 
3158  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3159
3160AOT_theorem "rule-sub-remark:6[1]":
3161  assumes  ψ  χ and (φ  ψ)
3162  shows (φ  χ) 
3163  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3164
3165AOT_theorem "rule-sub-remark:6[2]":
3166  assumes  ψ  χ and (φ  χ)
3167  shows (φ  ψ)
3168  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3169
3170AOT_theorem "rule-sub-remark:7[1]":
3171  assumes  φ  ¬¬φ and (φ  φ)
3172  shows (¬¬φ  φ) 
3173  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3174
3175AOT_theorem "rule-sub-remark:7[2]":
3176  assumes  φ  ¬¬φ and (¬¬φ  φ)
3177  shows (φ  φ)
3178  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3179
3180AOT_theorem "KBasic2:1": ¬φ  ¬φ
3181  by (meson "conventions:5" "contraposition:2"
3182            "Hypothetical Syllogism" "df-rules-formulas[3]"
3183            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
3184
3185AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
3186proof -
3187  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
3188    by (simp add: "RE◇" "oth-class-taut:5:b")
3189  also AOT_have   ¬(¬φ & ¬ψ)
3190    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3191  also AOT_have   ¬(¬φ & ¬ψ)
3192    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
3193  also AOT_have   ¬(¬φ & ¬ψ)
3194    using "KBasic2:1"
3195    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ;
3196        auto simp: "oth-class-taut:3:a")
3197  also AOT_have   ¬¬(φ  ψ)
3198    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
3199  also AOT_have   φ  ψ
3200    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
3201  finally show ?thesis .
3202qed
3203
3204AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
3205  by (metis "RM◇" "&I" "Conjunction Simplification"(1,2)
3206            "→I" "modus-tollens:1" "reductio-aa:1")
3207
3208AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
3209proof -
3210  AOT_have (φ  ψ)  (¬φ  ψ)
3211    by (AOT_subst φ  ψ ¬φ  ψ)
3212       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
3213  also AOT_have ...  ¬φ  ψ
3214    by (simp add: "KBasic2:2")
3215  also AOT_have ...  ¬φ  ψ
3216    by (AOT_subst ¬φ ¬φ)
3217       (auto simp: "KBasic:11" "oth-class-taut:3:a")
3218  also AOT_have ...  φ  ψ
3219    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
3220  finally show ?thesis .
3221qed
3222
3223AOT_theorem "KBasic2:5": φ  ¬¬φ
3224  using "conventions:5"[THEN "≡Df"]
3225  by (AOT_subst φ ¬¬φ;
3226      AOT_subst ¬¬φ ¬¬¬¬φ;
3227      AOT_subst (reverse) ¬¬¬φ ¬φ)
3228     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
3229
3230
3231AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
3232proof(rule "→I"; rule "raa-cor:1")
3233  AOT_assume (φ  ψ)
3234  AOT_hence (¬φ  ψ)
3235    using "conventions:2"[THEN "≡Df"]
3236    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
3237  AOT_hence 1: ¬φ  ψ
3238    using "KBasic:13" "vdash-properties:10" by blast
3239  AOT_assume ¬(φ  ψ)
3240  AOT_hence ¬φ and ¬ψ
3241    using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
3242  AOT_thus ψ & ¬ψ
3243    using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
3244qed
3245
3246AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
3247proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3248  AOT_assume (φ  ψ)
3249  AOT_hence 1: φ  ψ
3250    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
3251  AOT_assume ¬φ
3252  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
3253  AOT_thus ψ using 1 "∨E"(2) by blast
3254qed
3255
3256AOT_theorem "T-S5-fund:1": φ  φ
3257  by (meson "≡dfI" "conventions:5" "contraposition:2"
3258            "Hypothetical Syllogism" "→I" "qml:2"[axiom_inst])
3259lemmas "T◇" = "T-S5-fund:1"
3260
3261AOT_theorem "T-S5-fund:2": φ  φ
3262proof(rule "→I")
3263  AOT_assume φ
3264  AOT_hence ¬¬φ
3265    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
3266  moreover AOT_have ¬φ  ¬φ
3267    by (fact "qml:3"[axiom_inst])
3268  ultimately AOT_have ¬¬φ
3269    using "modus-tollens:1" by blast
3270  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
3271qed
3272lemmas "5◇" = "T-S5-fund:2"
3273
3274AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
3275  by (AOT_subst 𝒜¬φ ¬𝒜φ)
3276     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
3277
3278AOT_theorem "Act-Sub:2": φ  𝒜φ
3279  using "conventions:5"[THEN "≡Df"]
3280  by (AOT_subst φ ¬¬φ)
3281     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
3282            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
3283
3284AOT_theorem "Act-Sub:3": 𝒜φ  φ
3285  using "conventions:5"[THEN "≡Df"]
3286  by (AOT_subst φ ¬¬φ)
3287     (metis "Act-Sub:1" "→I" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
3288
3289AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
3290proof (rule "≡I"; rule "→I")
3291  AOT_assume 𝒜φ
3292  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
3293next
3294  AOT_assume 𝒜φ
3295  AOT_hence ¬¬𝒜φ
3296    using "≡dfE" "conventions:5" by blast
3297  AOT_hence ¬𝒜¬φ
3298    by (AOT_subst 𝒜¬φ ¬𝒜φ)
3299       (simp add: "logic-actual-nec:1"[axiom_inst])
3300  AOT_thus 𝒜φ
3301    using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4)
3302          "reductio-aa:1" by blast
3303qed
3304
3305AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
3306  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "→I" "≡E"(1) "≡E"(2) "→E")
3307
3308AOT_theorem "S5Basic:1": φ  φ
3309  by (simp add: "≡I" "qml:2"[axiom_inst] "qml:3"[axiom_inst])
3310
3311AOT_theorem "S5Basic:2": φ  φ
3312  by (simp add: "T◇" "5◇" "≡I")
3313
3314AOT_theorem "S5Basic:3": φ  φ
3315  using "T◇" "Hypothetical Syllogism" "qml:3"[axiom_inst] by blast
3316lemmas "B" = "S5Basic:3"
3317
3318AOT_theorem "S5Basic:4": φ  φ
3319  using "5◇" "Hypothetical Syllogism" "qml:2"[axiom_inst] by blast
3320lemmas "B◇" = "S5Basic:4"
3321
3322AOT_theorem "S5Basic:5": φ  φ
3323  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
3324lemmas "4" = "S5Basic:5"
3325
3326AOT_theorem "S5Basic:6": φ  φ
3327  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
3328
3329AOT_theorem "S5Basic:7": φ  φ
3330  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
3331  by (AOT_subst φ ¬¬φ;
3332      AOT_subst φ ¬¬φ;
3333      AOT_subst (reverse) ¬¬¬φ ¬φ;
3334      AOT_subst (reverse) ¬φ ¬φ)
3335     (auto simp: "S5Basic:6" "if-p-then-p")
3336
3337lemmas "4◇" = "S5Basic:7"
3338
3339AOT_theorem "S5Basic:8": φ  φ
3340  by (simp add: "4◇" "T◇" "≡I")
3341
3342AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
3343  apply (rule "≡I"; rule "→I")
3344  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10"
3345   apply blast
3346  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1)
3347            "con-dis-taut:7" "intro-elim:1" "Commutativity of ∨")
3348
3349AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
3350(* Note: nicely this proof is entirely sledgehammer generated *)
3351proof(rule "≡I"; rule "→I")
3352  AOT_assume (φ  ψ)
3353  AOT_hence φ  ψ
3354    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
3355  AOT_thus φ  ψ
3356    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
3357next
3358  AOT_assume φ  ψ
3359  AOT_hence φ  ψ
3360    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
3361  AOT_thus (φ  ψ)
3362    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1,2))
3363qed
3364
3365AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
3366proof -
3367  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
3368    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
3369       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
3370  also AOT_have   ¬(¬φ  ¬ψ)
3371    by (AOT_subst ¬ψ ¬ψ)
3372       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
3373  also AOT_have   ¬(¬φ  ¬ψ)
3374    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3375  also AOT_have   ¬(¬φ  ¬ψ)
3376    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
3377  also AOT_have   ¬(¬φ  ¬ψ)
3378    using "KBasic2:1"
3379    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
3380       (auto simp:  "oth-class-taut:3:a")
3381  also AOT_have   φ & ψ
3382    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
3383  finally show ?thesis .
3384qed
3385
3386AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
3387proof (rule "≡I"; rule "→I")
3388  AOT_assume (φ & ψ)
3389  AOT_hence φ & ψ
3390    using "KBasic2:3" "vdash-properties:6" by blast
3391  AOT_thus φ & ψ
3392    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
3393next
3394  AOT_assume φ & ψ
3395  moreover AOT_have (ψ & φ)  (φ & ψ)
3396    by (AOT_subst φ & ψ ψ & φ)
3397       (auto simp: "Commutativity of &" "KBasic:16")
3398  ultimately AOT_show (φ & ψ)
3399    by (metis "4" "&I" "Conjunction Simplification"(1,2) "→E")
3400qed
3401
3402AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
3403proof (rule "≡I")
3404  AOT_modally_strict {
3405    AOT_have (φ  ψ)  (φ  ψ)
3406      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "→I")
3407  }
3408  AOT_hence (φ  ψ)  (φ  ψ)
3409    by (rule RM)
3410  AOT_thus  (φ  ψ)  (φ  ψ)
3411    using "4" "Hypothetical Syllogism" by blast
3412next
3413  AOT_modally_strict {
3414    AOT_have (φ  ψ)  (φ  ψ)
3415      by (meson "B" "Hypothetical Syllogism" "→I" "qml:1"[axiom_inst])
3416  }
3417  AOT_hence  (φ  ψ)  (φ  ψ)
3418    by (rule RM)
3419  AOT_thus (φ  ψ)  (φ  ψ)
3420    using "4" "Hypothetical Syllogism" by blast
3421qed
3422
3423AOT_theorem "derived-S5-rules:1":
3424  assumes Γ  φ  ψ
3425  shows Γ  φ  ψ
3426proof -
3427  AOT_have Γ  φ  ψ
3428    using assms by (rule "RM:1[prem]")
3429  AOT_thus Γ  φ  ψ
3430    using "B" "Hypothetical Syllogism" by blast
3431qed
3432
3433AOT_theorem "derived-S5-rules:2":
3434  assumes Γ  φ  ψ
3435  shows Γ  φ  ψ
3436proof -
3437  AOT_have Γ  φ  ψ
3438    using assms by (rule "RM:2[prem]")
3439  AOT_thus Γ  φ  ψ
3440    using "B◇" "Hypothetical Syllogism" by blast
3441qed
3442
3443AOT_theorem "BFs:1": α φ{α}  α φ{α}
3444proof -
3445  AOT_modally_strict {
3446    AOT_have α φ{α}  φ{α} for α
3447      using "cqt-orig:3" by (rule "RM◇")
3448    AOT_hence α φ{α}  α φ{α}
3449      using "B◇" "∀I" "→E" "→I" by metis
3450  }
3451  thus ?thesis
3452    using "derived-S5-rules:1" by blast
3453qed
3454lemmas "BF" = "BFs:1"
3455
3456AOT_theorem "BFs:2": α φ{α}  α φ{α}
3457proof -
3458  AOT_have α φ{α}  φ{α} for α
3459    using RM "cqt-orig:3" by metis
3460  thus ?thesis
3461    using "cqt-orig:2"[THEN "→E"] "∀I" by metis
3462qed
3463lemmas "CBF" = "BFs:2"
3464
3465AOT_theorem "BFs:3": α φ{α}  α φ{α}
3466proof(rule "→I")
3467  AOT_modally_strict {
3468    AOT_have α ¬φ{α}  α ¬φ{α}
3469      using BF CBF "≡I" by blast
3470  } note θ = this
3471
3472  AOT_assume α φ{α}
3473  AOT_hence ¬¬(α φ{α})
3474    using "≡dfE" "conventions:5" by blast
3475  AOT_hence ¬α ¬φ{α}
3476    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
3477    using "≡dfI" "conventions:3" "conventions:4" "&I"
3478          "contraposition:2" "cqt-further:4"
3479          "df-rules-formulas[3]" by blast
3480  AOT_hence ¬α ¬φ{α}
3481    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
3482    using θ by blast
3483  AOT_hence ¬α ¬¬¬φ{α}
3484    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
3485       (simp add: "oth-class-taut:3:b")
3486  AOT_hence α ¬¬φ{α}
3487    by (rule "conventions:4"[THEN "≡dfI"])
3488  AOT_thus α φ{α}
3489    using "conventions:5"[THEN "≡Df"]
3490    by (AOT_subst φ{α} ¬¬φ{α} for: α)
3491qed
3492lemmas "BF◇" = "BFs:3"
3493
3494AOT_theorem "BFs:4": α φ{α}  α φ{α}
3495proof(rule "→I")
3496  AOT_assume α φ{α}
3497  AOT_hence ¬α ¬φ{α}
3498    using "conventions:4"[THEN "≡dfE"] by blast
3499  AOT_hence ¬α ¬φ{α}
3500    using "KBasic2:1"
3501    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
3502  moreover AOT_have α ¬φ{α}  α ¬φ{α}
3503    using "≡I" "BF" "CBF" by metis
3504  ultimately AOT_have 1: ¬α ¬φ{α}
3505    using "≡E"(3) by blast
3506  AOT_show α φ{α}
3507    apply (rule "conventions:5"[THEN "≡dfI"])
3508    apply (AOT_subst α φ{α} ¬α ¬φ{α})
3509     apply (simp add: "conventions:4" "≡Df")
3510    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
3511    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
3512qed
3513lemmas "CBF◇" = "BFs:4"
3514
3515AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
3516proof(rule "→I")
3517  AOT_assume α φ{α}
3518  then AOT_obtain α where φ{α} using "∃E" by metis
3519  moreover AOT_have α
3520    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
3521  moreover AOT_have φ{τ}, τ  α φ{α} for τ
3522  proof -
3523    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
3524    AOT_thus φ{τ}, τ  α φ{α}
3525      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
3526  qed
3527  ultimately AOT_show α φ{α} by blast
3528qed
3529lemmas Buridan = "sign-S5-thm:1"
3530
3531AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
3532proof -
3533  AOT_have α (α φ{α}  φ{α})
3534    by (simp add: "RM◇" "cqt-orig:3" "∀I")
3535  AOT_thus α φ{α}  α φ{α}
3536    using "∀E"(4) "∀I" "→E" "→I" by metis
3537qed
3538lemmas "Buridan◇" = "sign-S5-thm:2"
3539
3540AOT_theorem "sign-S5-thm:3": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
3541  apply (rule "RM:2")
3542  by (metis (no_types, lifting) "∃E" "&I" "&E"(1) "&E"(2) "→I" "∃I"(2))
3543
3544AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
3545  apply (rule "RM:2")
3546  by (meson "instantiation" "&E"(1) "→I" "∃I"(2))
3547
3548AOT_theorem "sign-S5-thm:5":
3549  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
3550proof -
3551  {
3552    fix φ' ψ' χ'
3553    AOT_assume  φ' & ψ'  χ'
3554    AOT_hence φ' & ψ'  χ'
3555      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3556      using "&E" "&I" "→E" "→I" by metis
3557  } note R = this
3558  show ?thesis by (rule R; fact AOT)
3559qed
3560
3561AOT_theorem "sign-S5-thm:6":
3562  (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
3563proof -
3564  {
3565    fix φ' ψ' χ'
3566    AOT_assume  φ' & ψ'  χ'
3567    AOT_hence φ' & ψ'  χ'
3568      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3569      using "&E" "&I" "→E" "→I" by metis
3570  } note R = this
3571  show ?thesis by (rule R; fact AOT)
3572qed
3573
3574AOT_theorem "exist-nec2:1": τ  τ
3575  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
3576
3577AOT_theorem "exists-nec2:2": τ  τ
3578  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec"
3579            "exist-nec2:1" "≡I" "nec-imp-act")
3580
3581AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3582  using "KBasic2:1" "→I" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3583
3584AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3585  by (metis "Act-Sub:3" "KBasic:12" "→I" "exist-nec" "exists-nec2:3"
3586            "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3587
3588AOT_theorem "id-nec2:1": α = β  α = β
3589  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3590
3591AOT_theorem "id-nec2:2": α  β  α  β
3592  apply (AOT_subst α  β ¬(α = β))
3593  using "=-infix"[THEN "≡Df"] apply blast
3594  using "KBasic2:1" "→I" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3595
3596AOT_theorem "id-nec2:3": α  β  α  β
3597  apply (AOT_subst α  β ¬(α = β))
3598  using "=-infix"[THEN "≡Df"] apply blast
3599  by (metis "KBasic:11" "→I" "id-nec:2" "≡E"(3) "reductio-aa:2" "→E")
3600
3601AOT_theorem "id-nec2:4": α = β  α = β
3602  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3603
3604AOT_theorem "id-nec2:5": α  β  α  β
3605  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3606
3607AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3608  apply (rule "≡I"; rule "→I")
3609  using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" apply blast
3610  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2)
3611            "raa-cor:5" "→E")
3612
3613AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3614  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "→I" "≡I"
3615            "nec-imp-act" "raa-cor:2" "→E")
3616
3617AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3618proof (rule "→I"; rule "≡I"; rule "→I")
3619  AOT_assume (φ  φ)
3620  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3621  moreover AOT_assume ¬φ
3622  ultimately AOT_have ¬φ
3623    using "modus-tollens:1" by blast
3624  AOT_thus ¬φ
3625    using "KBasic2:1" "≡E"(2) by blast
3626next
3627  AOT_assume (φ  φ)
3628  moreover AOT_assume ¬φ
3629  ultimately AOT_show ¬φ
3630    using "modus-tollens:1" "qml:2"[axiom_inst] "→E" by blast
3631qed
3632
3633AOT_theorem "sc-eq-box-box:4":
3634  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3635proof(rule "→I"; rule "→I")
3636  AOT_assume θ: (φ  φ) & (ψ  ψ)
3637  AOT_assume ξ: φ  ψ
3638  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3639    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3640  moreover {
3641    AOT_assume φ & ψ
3642    AOT_hence (φ  ψ)
3643      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3644  }
3645  moreover {
3646    AOT_assume ¬φ & ¬ψ
3647    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3648      using θ "Conjunction Simplification"(1,2)
3649            "sc-eq-box-box:3" "→E" by metis+
3650    ultimately AOT_have ¬φ & ¬ψ
3651      by (metis "&I" "Conjunction Simplification"(1,2)
3652                "≡E"(4) "modus-tollens:1" "raa-cor:3")
3653    AOT_hence (φ  ψ)
3654      using "KBasic:3" "KBasic:9" "≡E"(2) "→E" by blast
3655  }
3656  ultimately AOT_show (φ  ψ)
3657    using "∨E"(2) "reductio-aa:1" by blast
3658qed
3659
3660AOT_theorem "sc-eq-box-box:5":
3661  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3662proof (rule "→I")
3663  AOT_assume ((φ  φ) & (ψ  ψ))
3664  AOT_hence ((φ  φ) & (ψ  ψ))
3665    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3666  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3667  proof (rule RM; rule "→I"; rule "→I")
3668    AOT_modally_strict {
3669      AOT_assume A: ((φ  φ) & (ψ  ψ))
3670      AOT_hence φ  φ and ψ  ψ
3671        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3672      moreover AOT_assume φ  ψ
3673      ultimately AOT_have φ  ψ
3674        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3675      moreover AOT_have (φ  ψ)  (φ  ψ)
3676        using A "sc-eq-box-box:4" "→E" by blast
3677      ultimately AOT_show (φ  ψ) using "→E" by blast
3678    }
3679  qed
3680  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3681qed
3682
3683AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3684proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3685  AOT_assume ¬(φ  ψ)
3686  AOT_hence ¬(φ  ψ)
3687    by (metis "KBasic:11" "≡E"(1))
3688  AOT_hence (φ & ¬ψ)
3689    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3690       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3691  AOT_hence φ and 2: ¬ψ
3692    using "KBasic2:3"[THEN "→E"] "&E" by blast+
3693  moreover AOT_assume (φ  φ)
3694  ultimately AOT_have φ
3695    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3696  AOT_hence φ
3697    using "qml:2"[axiom_inst, THEN "→E"] by blast
3698  moreover AOT_assume φ  ψ
3699  ultimately AOT_have ψ
3700    using "→E" by blast
3701  moreover AOT_have ¬ψ
3702    using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3703  ultimately AOT_show ψ & ¬ψ
3704    using "&I" by blast
3705qed
3706
3707AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3708proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3709  AOT_assume ¬𝒜(φ  ψ)
3710  AOT_hence 𝒜¬(φ  ψ)
3711    by (metis "Act-Basic:1" "∨E"(2))
3712  AOT_hence 𝒜(φ & ¬ψ)
3713    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3714       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3715  AOT_hence 𝒜φ and 2: 𝒜¬ψ
3716    using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3717  AOT_hence φ
3718    by (metis "Act-Sub:3" "→E")
3719  moreover AOT_assume (φ  φ)
3720  ultimately AOT_have φ
3721    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3722  AOT_hence φ
3723    using "qml:2"[axiom_inst, THEN "→E"] by blast
3724  moreover AOT_assume φ  𝒜ψ
3725  ultimately AOT_have 𝒜ψ
3726    using "→E" by blast
3727  moreover AOT_have ¬𝒜ψ
3728    using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3729  ultimately AOT_show 𝒜ψ & ¬𝒜ψ
3730    using "&I" by blast
3731qed
3732
3733AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3734  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3735
3736AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3737  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism"
3738            "→I" "≡I" "nec-imp-act")
3739
3740AOT_theorem "sc-eq-fur:3": x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3741proof (rule "→I"; rule "→I")
3742  AOT_assume x (φ{x}  φ{x})
3743  AOT_hence A: x (φ{x}  φ{x})
3744    using CBF "→E" by blast
3745  AOT_assume ∃!x φ{x}
3746  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3747    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3748  moreover AOT_have φ{a}
3749    using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3750  AOT_hence 𝒜φ{a}
3751    using "nec-imp-act" "→E" by blast
3752  moreover AOT_have y (𝒜φ{y}  y = a)
3753  proof (rule "∀I"; rule "→I")
3754    fix b
3755    AOT_assume 𝒜φ{b}
3756    AOT_hence φ{b}
3757      using "Act-Sub:3" "→E" by blast
3758    moreover {
3759      AOT_have (φ{b}  φ{b})
3760        using A "∀E"(2) by blast
3761      AOT_hence φ{b}  φ{b}
3762        using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" by blast
3763    }
3764    ultimately AOT_have φ{b}
3765      using "→E" by blast
3766    AOT_hence φ{b}
3767      using "qml:2"[axiom_inst] "→E" by blast
3768    AOT_thus b = a
3769      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3770  qed
3771  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3772    using "&I" by blast
3773  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x))
3774    using "∃I" by fast
3775  AOT_hence ∃!x 𝒜φ{x}
3776    using "uniqueness:1"[THEN "≡dfI"] by fast
3777  AOT_thus ιx φ{x}
3778    using "actual-desc:1"[THEN "≡E"(2)] by blast
3779qed
3780
3781AOT_theorem "sc-eq-fur:4":
3782x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3783proof (rule "→I")
3784  AOT_assume x (φ{x}  φ{x})
3785  AOT_hence x (φ{x}  φ{x})
3786    using CBF "→E" by blast
3787  AOT_hence A: 𝒜φ{α}  φ{α} for α
3788    using "sc-eq-fur:2" "∀E" "→E" by fast
3789  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3790  proof (rule "≡I"; rule "→I")
3791    AOT_assume x = ιx φ{x}
3792    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3793      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3794    AOT_show φ{x} & z (φ{z}  z = x)
3795    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3796      AOT_show φ{x}
3797        using A B[THEN "&E"(1)] "≡E"(1) by blast
3798    next
3799      AOT_show z = x if φ{z} for z
3800        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3801    qed
3802  next
3803    AOT_assume B: φ{x} & z (φ{z}  z = x)
3804    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3805    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3806      AOT_show 𝒜φ{x}
3807        using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3808    next
3809      AOT_show b = x if 𝒜φ{b} for b
3810        using A[THEN "≡E"(1)] that
3811              B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3812    qed
3813    AOT_thus x = ιx φ{x}
3814      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3815  qed
3816qed
3817
3818AOT_theorem "id-act:1": α = β  𝒜α = β
3819  by (meson "Act-Sub:3" "Hypothetical Syllogism"
3820            "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3821
3822AOT_theorem "id-act:2": α  β  𝒜α  β
3823proof (AOT_subst α  β ¬(α = β))
3824  AOT_modally_strict {
3825    AOT_show α  β  ¬(α = β)
3826      by (simp add: "=-infix" "≡Df")
3827  }
3828next
3829  AOT_show ¬(α = β)  𝒜¬(α = β)
3830  proof (safe intro!: "≡I" "→I")
3831    AOT_assume ¬α = β
3832    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3833    AOT_thus 𝒜¬α = β
3834      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3835  next
3836    AOT_assume 𝒜¬α = β
3837    AOT_hence ¬𝒜α = β
3838      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3839    AOT_thus ¬α = β
3840      using "id-act:1" "≡E"(4) by blast
3841  qed
3842qed
3843
3844AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3845proof -
3846  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3847    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3848       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3849  also AOT_have   α 𝒜β (φ{β}  β = α)
3850    by (simp add: "Act-Basic:10")
3851  also AOT_have   αβ 𝒜(φ{β}  β = α)
3852    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3853       (auto simp: "logic-actual-nec:3"[axiom_inst] "oth-class-taut:3:a")
3854  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3855    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α
3856                            𝒜(φ{β}  β = α) for: α β :: 'a)
3857       (auto simp: "Act-Basic:5" "cqt-further:7")
3858  also AOT_have   αβ (𝒜φ{β}  β = α)
3859    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3860       (auto simp: "id-act:1" "cqt-further:7")
3861  also AOT_have ...  ∃!α 𝒜φ{α}
3862    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3863  finally show ?thesis.
3864qed
3865
3866AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3867  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3868     (auto simp: "actual-desc:1" "A-Exists:1")
3869
3870AOT_theorem "id-act-desc:1": ιx (x = y)
3871proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3872  AOT_show x E!x  E!x]ιx (x = y)
3873  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)];
3874         rule "∃I"; (rule "&I")+)
3875    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3876  next
3877    AOT_show z (𝒜z = y  z = y)
3878      apply (rule "∀I")
3879      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3880  next
3881    AOT_show x E!x  E!x]y
3882    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3883      AOT_show x E!x  E!x]
3884        by "cqt:2[lambda]"
3885    next
3886      AOT_show E!y  E!y 
3887        by (simp add: "if-p-then-p")
3888    qed
3889  qed
3890next
3891  AOT_show x E!x  E!x]
3892    by "cqt:2[lambda]"
3893qed
3894
3895AOT_theorem "id-act-desc:2": y = ιx (x = y)
3896  by (rule descriptions[axiom_inst, THEN "≡E"(2)];
3897      rule "∀I"; rule "id-act:1"[symmetric])
3898
3899AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3900  by (simp add: encoding "vdash-properties:1[2]")
3901
3902AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3903proof (rule "→I")
3904  AOT_assume x1x2[F]
3905  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3906    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3907  moreover AOT_have y [F]yx2] by "cqt:2"
3908  moreover AOT_have y [F]x1y] by "cqt:2"
3909  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3910    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3911  note A = this
3912  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3913    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3914  AOT_thus x1x2[F]
3915    by (rule "nary-encoding[2]"[axiom_inst, THEN RN,
3916                                THEN "KBasic:6"[THEN "→E"],
3917                                THEN "≡E"(2)])
3918qed
3919
3920AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3921proof (rule "→I")
3922  AOT_assume x1x2x3[F]
3923  AOT_hence x1y [F]yx2x3]
3924        and x2y [F]x1yx3]
3925        and x3y [F]x1x2y]
3926    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3927  moreover AOT_have y [F]yx2x3] by "cqt:2"
3928  moreover AOT_have y [F]x1yx3] by "cqt:2"
3929  moreover AOT_have y [F]x1x2y] by "cqt:2"
3930  ultimately AOT_have x1y [F]yx2x3]
3931                  and x2y [F]x1yx3]
3932                  and x3y [F]x1x2y]
3933    using encoding[axiom_inst, unvarify F] "→E" by blast+
3934  note A = this
3935  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3936    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3937  AOT_thus x1x2x3[F]
3938    by (rule "nary-encoding[3]"[axiom_inst, THEN RN,
3939                THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3940qed
3941
3942AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3943proof (rule "→I")
3944  AOT_assume x1x2x3x4[F]
3945  AOT_hence x1y [F]yx2x3x4]
3946        and x2y [F]x1yx3x4]
3947        and x3y [F]x1x2yx4]
3948        and x4y [F]x1x2x3y]
3949    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3950  moreover AOT_have y [F]yx2x3x4] by "cqt:2"
3951  moreover AOT_have y [F]x1yx3x4] by "cqt:2"
3952  moreover AOT_have y [F]x1x2yx4] by "cqt:2"
3953  moreover AOT_have y [F]x1x2x3y] by "cqt:2"
3954  ultimately AOT_have x1y [F]yx2x3x4]
3955                  and x2y [F]x1yx3x4]
3956                  and x3y [F]x1x2yx4]
3957                  and x4y [F]x1x2x3y]
3958    using "→E" encoding[axiom_inst, unvarify F] by blast+
3959  note A = this
3960  AOT_have B: (x1y [F]yx2x3x4] &
3961                  x2y [F]x1yx3x4] &
3962                  x3y [F]x1x2yx4] &
3963                  x4y [F]x1x2x3y])
3964    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3965  AOT_thus x1x2x3x4[F]
3966    by (rule "nary-encoding[4]"[axiom_inst, THEN RN,
3967              THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3968qed
3969
3970AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3971proof (rule "→I"; rule "raa-cor:1")
3972  AOT_assume ¬¬x1[F]
3973  AOT_hence x1[F]
3974    by (rule "conventions:5"[THEN "≡dfI"])
3975  AOT_hence x1[F]
3976    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN],
3977              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3978  moreover AOT_assume ¬x1[F]
3979  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3980qed
3981AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
3982proof (rule "→I"; rule "raa-cor:1")
3983  AOT_assume ¬¬x1x2[F]
3984  AOT_hence x1x2[F]
3985    by (rule "conventions:5"[THEN "≡dfI"])
3986  AOT_hence x1x2[F]
3987    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN],
3988              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3989  moreover AOT_assume ¬x1x2[F]
3990  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
3991qed
3992
3993AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3994proof (rule "→I"; rule "raa-cor:1")
3995  AOT_assume ¬¬x1x2x3[F]
3996  AOT_hence x1x2x3[F]
3997    by (rule "conventions:5"[THEN "≡dfI"])
3998  AOT_hence x1x2x3[F]
3999    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN],
4000              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4001  moreover AOT_assume ¬x1x2x3[F]
4002  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
4003qed
4004
4005AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4006proof (rule "→I"; rule "raa-cor:1")
4007  AOT_assume ¬¬x1x2x3x4[F]
4008  AOT_hence x1x2x3x4[F]
4009    by (rule "conventions:5"[THEN "≡dfI"])
4010  AOT_hence x1x2x3x4[F]
4011    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN],
4012                         THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4013  moreover AOT_assume ¬x1x2x3x4[F]
4014  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
4015qed
4016
4017AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
4018  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4019AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
4020  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4021AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
4022  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4023AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
4024  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4025
4026AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
4027  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
4028AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
4029  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
4030AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
4031  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
4032AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
4033  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
4034
4035AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
4036  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[1]"] "≡I" by blast
4037AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
4038  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[2]"] "≡I" by blast
4039AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
4040  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[3]"] "≡I" by blast
4041AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
4042  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[4]"] "≡I" by blast
4043
4044AOT_theorem "en-eq:4[1]":
4045  (x1[F]  y1[G])  (x1[F]  y1[G])
4046  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4047  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
4048AOT_theorem "en-eq:4[2]":
4049  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4050  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4051  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
4052AOT_theorem "en-eq:4[3]":
4053  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4054  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4055  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
4056AOT_theorem "en-eq:4[4]":
4057  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4058  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4059  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
4060
4061AOT_theorem "en-eq:5[1]":
4062  (x1[F]  y1[G])  (x1[F]  y1[G])
4063  apply (rule "≡I"; rule "→I")
4064  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4065   apply blast
4066  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4067        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]]
4068  by blast
4069AOT_theorem "en-eq:5[2]":
4070  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4071  apply (rule "≡I"; rule "→I")
4072  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4073   apply blast
4074  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4075        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]]
4076  by blast
4077AOT_theorem "en-eq:5[3]":
4078  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4079  apply (rule "≡I"; rule "→I")
4080  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4081   apply blast
4082  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4083        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]]
4084  by blast
4085AOT_theorem "en-eq:5[4]":
4086  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4087  apply (rule "≡I"; rule "→I")
4088  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4089   apply blast
4090  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4091        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]]
4092  by blast
4093
4094AOT_theorem "en-eq:6[1]":
4095  (x1[F]  y1[G])  (x1[F]  y1[G])
4096  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
4097AOT_theorem "en-eq:6[2]":
4098  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4099  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
4100AOT_theorem "en-eq:6[3]":
4101  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4102  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
4103AOT_theorem "en-eq:6[4]":
4104  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4105  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
4106
4107AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
4108  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
4109AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
4110  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
4111AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4112  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
4113AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4114  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
4115
4116AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
4117  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4118        "KBasic:11" "≡E"(5)[symmetric] by blast
4119AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
4120  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4121        "KBasic:11" "≡E"(5)[symmetric] by blast
4122AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4123  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4124        "KBasic:11" "≡E"(5)[symmetric] by blast
4125AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4126  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4127        "KBasic:11" "≡E"(5)[symmetric] by blast
4128
4129AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
4130  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
4131AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
4132  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
4133AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4134  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
4135AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4136  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
4137
4138AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
4139  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4140            "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
4141AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
4142  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4143            "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
4144AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
4145  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4146            "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
4147AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
4148  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4149            "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
4150
4151AOT_theorem "oa-facts:1": O!x  O!x
4152proof(rule "→I")
4153  AOT_modally_strict {
4154    AOT_have x E!x]x  E!x
4155      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4156  } note θ = this
4157  AOT_assume O!x
4158  AOT_hence x E!x]x
4159    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4160  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
4161  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
4162  AOT_hence x E!x]x
4163    by (AOT_subst x E!x]x E!x)
4164       (auto simp: θ)
4165  AOT_thus O!x
4166    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4167qed
4168
4169AOT_theorem "oa-facts:2": A!x  A!x
4170proof(rule "→I")
4171  AOT_modally_strict {
4172    AOT_have x ¬E!x]x  ¬E!x
4173      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4174  } note θ = this
4175  AOT_assume A!x
4176  AOT_hence x ¬E!x]x
4177    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2"
4178  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
4179  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
4180  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
4181  AOT_hence ¬E!x
4182    using "KBasic2:1"
4183    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
4184  AOT_hence x ¬E!x]x
4185    by (AOT_subst x ¬E!x]x ¬E!x)
4186       (auto simp: θ)
4187  AOT_thus A!x
4188    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
4189qed
4190
4191AOT_theorem "oa-facts:3": O!x  O!x
4192  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4193AOT_theorem "oa-facts:4": A!x  A!x
4194  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4195
4196AOT_theorem "oa-facts:5": O!x  O!x
4197  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4198            "oa-facts:1" "oa-facts:3")
4199
4200AOT_theorem "oa-facts:6": A!x  A!x
4201  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4202            "oa-facts:2" "oa-facts:4")
4203
4204AOT_theorem "oa-facts:7": O!x  𝒜O!x
4205  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4206            "oa-facts:1" "oa-facts:3")
4207
4208AOT_theorem "oa-facts:8": A!x  𝒜A!x
4209  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4210            "oa-facts:2" "oa-facts:4")
4211
4212subsection‹The Theory of Relations›
4213text‹\label{PLM: 9.10}›
4214
4215AOT_theorem "beta-C-meta":
4216  μ1...μn φ{μ1...μn, ν1...νn}] 
4217   (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4218  using "lambda-predicates:2"[axiom_inst] by blast
4219
4220AOT_theorem "beta-C-cor:1":
4221  (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}])) 
4222   ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4223  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
4224  using "beta-C-meta" "∀I" by fast
4225
4226AOT_theorem "beta-C-cor:2":
4227  μ1...μn φ{μ1...μn}] 
4228   ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
4229  apply (rule "→I"; rule "∀I")
4230  using "beta-C-meta"[THEN "→E"] by fast
4231
4232(* TODO: syntax *)
4233theorem "beta-C-cor:3":
4234  assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
4235  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn, μ1...μn}]ν1...νn 
4236                         φ{ν1...νn, ν1...νn})]
4237  using "cqt:2[lambda]"[axiom_inst, OF assms]
4238        "beta-C-cor:1"[THEN "→E"] "∀I" by fast
4239
4240AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
4241proof -
4242  AOT_modally_strict {
4243    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
4244    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
4245      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
4246    ultimately AOT_show φ{κ1...κn}
4247      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
4248  }
4249qed
4250
4251AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
4252  using "betaC:1:a" "raa-cor:3" by blast
4253
4254lemmas "β→C" = "betaC:1:a" "betaC:1:b"
4255
4256AOT_theorem "betaC:2:a":
4257  μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4258   μ1...μn φ{μ1...μn}]κ1...κn
4259proof -
4260  AOT_modally_strict {
4261    AOT_assume 1: μ1...μn φ{μ1...μn}]
4262           and 2: κ1...κn
4263           and 3: φ{κ1...κn}
4264    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
4265      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)]
4266      by blast
4267  }
4268  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4269            μ1...μn φ{μ1...μn}]κ1...κn
4270    by blast
4271qed
4272
4273AOT_theorem "betaC:2:b":
4274  μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn 
4275   ¬φ{κ1...κn}
4276  using "betaC:2:a" "raa-cor:3" by blast
4277
4278lemmas "β←C" = "betaC:2:a" "betaC:2:b"
4279
4280AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
4281  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
4282
4283(* Note: generalized alphabetic variant of the last theorem *)
4284AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
4285  using "eta-conversion-lemma1:1".
4286
4287text‹Note: not explicitly part of PLM.›
4288AOT_theorem id_sym:
4289  assumes τ = τ'
4290  shows τ' = τ
4291  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
4292        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
4293declare id_sym[sym]
4294
4295text‹Note: not explicitly part of PLM.›
4296AOT_theorem id_trans:
4297  assumes τ = τ' and τ' = τ''
4298  shows τ = τ''
4299  using "rule=E" assms by blast
4300declare id_trans[trans]
4301
4302method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> =
4303  (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  4304   rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"
4305    [THEN "→E", of v "«[Π]»", symmetric]])
4306(*
4307AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
4308  apply ("ηC" "«[P]»") defer
4309   apply ("ηC" "«[S]»") defer
4310  oops
4311*)
4312(* TODO: proper representation of eta_conversion_lemma2 *)
4313
4314AOT_theorem "sub-des-lam:1":
4315  z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x} 
4316   z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4317proof(rule "→I")
4318  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
4319  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4320    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] =
4321                                   z1...zn χ{z1...zn, τ}]»",
4322               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
4323    by blast
4324qed
4325
4326AOT_theorem "sub-des-lam:2":
4327  ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
4328  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»",
4329                 OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
4330
4331AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
4332proof(rule "≡I"; rule "→I")
4333  AOT_assume F = G
4334  AOT_thus x (x[F]  x[G])
4335    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
4336next
4337  AOT_assume x (x[F]  x[G])
4338  AOT_hence x[F]  x[G] for x
4339    using "∀E" by blast
4340  AOT_hence (x[F]  x[G]) for x
4341    using "en-eq:6[1]"[THEN "≡E"(1)] by blast
4342  AOT_hence x (x[F]  x[G])
4343    by (rule GEN)
4344  AOT_hence x (x[F]  x[G])
4345    using BF[THEN "→E"] by fast
4346  AOT_thus "F = G"
4347    using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
4348qed
4349
4350AOT_theorem "relations:1":
4351  assumes INSTANCE_OF_CQT_2(φ)
4352  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
4353  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
4354  using "cqt:2[lambda]"[OF assms, axiom_inst]
4355        "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
4356
4357AOT_theorem "relations:2":
4358  assumes INSTANCE_OF_CQT_2(φ)
4359  shows F x ([F]x  φ{x})
4360  using "relations:1" assms by blast
4361
4362AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
4363proof(rule RAA(2))
4364  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
4365  AOT_assume A: x « x»]
4366  AOT_have x (A!x & F (x[F]  F = x « x»]))
4367    using "A-objects"[axiom_inst] by fast
4368  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
4369    using "∃E"[rotated] by blast
4370  AOT_show ¬x G (x[G] & ¬[G]x)]
4371  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4372    AOT_assume B: x « x»]a
4373    AOT_hence G (a[G] & ¬[G]a)
4374      using "β→C" A by blast
4375    then AOT_obtain P where a[P] & ¬[P]a
4376      using "∃E"[rotated] by blast
4377    moreover AOT_have P = x « x»]
4378      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4379            calculation[THEN "&E"(1)] by blast
4380    ultimately AOT_have ¬x « x»]a
4381      using "rule=E" "&E"(2) by fast
4382    AOT_thus ¬x G (x[G] & ¬[G]x)]
4383      using B RAA by blast
4384  next
4385    AOT_assume B: ¬x « x»]a
4386    AOT_hence ¬G (a[G] & ¬[G]a)
4387      using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
4388    AOT_hence C: G ¬(a[G] & ¬[G]a)
4389      using "cqt-further:4"[THEN "→E"] by blast
4390    AOT_have G (a[G]  [G]a)
4391      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4392         (auto simp: "oth-class-taut:1:a" C)
4393    AOT_hence ax « x»]  x « x»]a
4394      using "∀E" A by blast
4395    moreover AOT_have ax « x»]
4396      using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
4397      using "=I"(1)[OF A] by blast
4398    ultimately AOT_show ¬x G (x[G] & ¬[G]x)]
4399      using B "→E" RAA by blast
4400  qed
4401qed(simp)
4402
4403AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
4404proof(rule RAA(2))
4405  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
4406  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x))
4407    using "∃E"[rotated] by blast
4408  AOT_have x (A!x & G (x[G]  G = F))
4409    using "A-objects"[axiom_inst] by fast
4410  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
4411    using "∃E"[rotated] by blast
4412  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4413  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4414    AOT_assume B: [F]a
4415    AOT_hence G (a[G] & ¬[G]a)
4416      using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
4417    then AOT_obtain P where a[P] & ¬[P]a
4418      using "∃E"[rotated] by blast
4419    moreover AOT_have P = F
4420      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4421            calculation[THEN "&E"(1)] by blast
4422    ultimately AOT_have ¬[F]a
4423      using "rule=E" "&E"(2) by fast
4424    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x))
4425      using B RAA by blast
4426  next
4427    AOT_assume B: ¬[F]a
4428    AOT_hence ¬G (a[G] & ¬[G]a)
4429      using "oth-class-taut:4:b"[THEN "≡E"(1),
4430              OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)]
4431      by simp
4432    AOT_hence C: G ¬(a[G] & ¬[G]a)
4433      using "cqt-further:4"[THEN "→E"] by blast
4434    AOT_have G (a[G]  [G]a)
4435      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4436         (auto simp: "oth-class-taut:1:a" C)
4437    AOT_hence a[F]  [F]a
4438      using "∀E" by blast
4439    moreover AOT_have a[F]
4440      using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
4441      using "=I"(2) by blast
4442    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4443      using B "→E" RAA by blast
4444  qed
4445qed(simp)
4446
4447AOT_theorem "block-paradox:3": ¬y z z = y]
4448proof(rule RAA(2))
4449  AOT_assume θ: y z z = y]
4450  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
4451    using "A-objects"[axiom_inst] by force
4452  then AOT_obtain a where
4453    a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
4454    using "∃E"[rotated] by blast
4455  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
4456    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
4457  AOT_show ¬y z z = y]
4458  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4459    AOT_assume A: az z = a]
4460    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
4461      using ζ[THEN "≡E"(1)] by blast
4462    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
4463      using "∃E"[rotated] by blast
4464    moreover AOT_have a = a by (rule "=I")
4465    moreover AOT_have z z = a] using θ "∀E" by blast
4466    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
4467    ultimately AOT_have z z = a]a using "β←C" by blast
4468    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
4469    AOT_hence a = b using "β→C" by blast
4470    AOT_hence bz z = a] using A "rule=E" by fast
4471    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
4472  next
4473    AOT_assume A: ¬az z = a]
4474    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
4475      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4476    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
4477      using "cqt-further:4"[THEN "→E"] by blast
4478    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
4479      using "∀E" by blast
4480    AOT_hence z z = a] = z z = a]  az z = a]
4481      by (metis "&I" "deduction-theorem" "raa-cor:4")
4482    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
4483    AOT_thus ¬y z z = y] using A RAA by blast
4484  qed
4485qed(simp)
4486
4487AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
4488proof(rule RAA(2))
4489  AOT_assume θ: y F x([F]x  x = y)
4490  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
4491    using "A-objects"[axiom_inst] by force
4492  then AOT_obtain a where
4493    a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
4494    using "∃E"[rotated] by blast
4495  AOT_obtain F where F_prop: x ([F]x  x = a)
4496    using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
4497  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
4498    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
4499  AOT_show ¬y F x([F]x  x = y)
4500  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4501    AOT_assume A: a[F]
4502    AOT_hence z (y ([F]y  y = z) & ¬z[F])
4503      using ζ[THEN "≡E"(1)] by blast
4504    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
4505      using "∃E"[rotated] by blast
4506    moreover AOT_have [F]a
4507      using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
4508    ultimately AOT_have a = b
4509      using "∀E"(2) "≡E"(1) "&E" by fast
4510    AOT_hence a = b
4511      using "β→C" by blast
4512    AOT_hence b[F]
4513      using A "rule=E" by fast
4514    AOT_thus ¬y F x([F]x  x = y)
4515      using b_prop[THEN "&E"(2)] RAA by blast
4516  next
4517    AOT_assume A: ¬a[F]
4518    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
4519      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4520    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
4521      using "cqt-further:4"[THEN "→E"] by blast
4522    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
4523      using "∀E" by blast
4524    AOT_hence y ([F]y  y = a)  a[F]
4525      by (metis "&I" "deduction-theorem" "raa-cor:4")
4526    AOT_hence a[F] using F_prop "→E" by blast
4527    AOT_thus ¬y F x([F]x  x = y)
4528      using A RAA by blast
4529  qed
4530qed(simp)
4531
4532AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
4533proof(rule "raa-cor:2")
4534  AOT_assume Fxy([F]xy  y = x)
4535  then AOT_obtain F where F_prop: xy([F]xy  y = x)
4536    using "∃E"[rotated] by blast
4537  {
4538    fix x
4539    AOT_have 1: y([F]xy  y = x)
4540      using F_prop "∀E" by blast
4541    AOT_have 2: z [F]xz] by "cqt:2"
4542    moreover AOT_have y(z [F]xz]y  y = x)
4543    proof(rule "∀I")
4544      fix y
4545      AOT_have z [F]xz]y  [F]xy
4546        using "beta-C-meta"[THEN "→E"] 2 by fast
4547      also AOT_have ...  y = x
4548        using 1 "∀E" by fast
4549      finally AOT_show z [F]xz]y  y = x.
4550    qed
4551    ultimately AOT_have Fy([F]y  y = x)
4552      using "∃I" by fast
4553  }
4554  AOT_hence xFy([F]y  y = x)
4555    by (rule GEN)
4556  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
4557    using "&I" "block-paradox:4" by blast
4558qed
4559
4560AOT_act_theorem "block-paradox2:1":
4561  x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4562proof(rule "→I"; rule "raa-cor:2")
4563  AOT_assume antecedant: x [G]x
4564  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4565  proof(rule GEN)
4566    fix x
4567    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x)) 
4568                 ∃!y (y = x & H (x[H] & ¬[H]x))
4569    proof(rule "≡I"; rule "→I")
4570      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
4571      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4572        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
4573      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
4574        using "1-exists:1"[THEN "≡E"(1)] by blast
4575    next
4576      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4577      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x)
4578                     and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
4579        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4580      AOT_have a_3: [G]a
4581        using antecedant "∀E" by blast
4582      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
4583        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
4584        apply (rule "∃I"(2))
4585        using a_1 a_2 a_3 "&I" by blast
4586    qed
4587    also AOT_have B: ...  H (x[H] & ¬[H]x)
4588    proof (rule "≡I"; rule "→I")
4589      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4590      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
4591        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4592      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
4593    next
4594      AOT_assume H (x[H] & ¬[H]x)
4595      AOT_hence x = x & H (x[H] & ¬[H]x)
4596        using "id-eq:1" "&I" by blast
4597      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
4598        by (simp add: "Conjunction Simplification"(1) "universal-cor")
4599      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
4600        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
4601    qed
4602    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
4603  qed
4604
4605  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4606  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x 
4607                   [G]ιy(y = x & H (x[H] & ¬[H]x)))
4608    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
4609  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
4610    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
4611  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
4612    using "∃I"(1) A by fast
4613  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) &
4614            (¬F x ([F]x  H (x[H] & ¬[H]x)))
4615    using "block-paradox:2" "&I" by blast
4616qed
4617
4618AOT_act_theorem "block-paradox2:2":
4619  G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4620proof(rule "∃I"(1))
4621  AOT_have 0: x p (p p)]
4622    by "cqt:2[lambda]"
4623  moreover AOT_have x x p (p p)]x
4624    apply (rule GEN)
4625    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
4626    using "if-p-then-p" GEN by fast
4627  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
4628      using "block-paradox2:1" "∀I" by fast
4629  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
4630    using "∀E"(1) "→E" by blast
4631qed("cqt:2[lambda]")
4632
4633AOT_theorem propositions: p (p  φ)
4634proof(rule "∃I"(1))
4635  AOT_show (φ  φ)
4636    by (simp add: RN "oth-class-taut:3:a")
4637next
4638  AOT_show φ
4639    by (simp add: "log-prop-prop:2")
4640qed
4641
4642AOT_theorem "pos-not-equiv-ne:1":
4643  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4644proof (rule "→I")
4645  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4646  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4647    using "KBasic:11"[THEN "≡E"(2)] by blast
4648  AOT_hence ¬(F = G)
4649    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
4650  AOT_thus F  G
4651    using "=-infix"[THEN "≡dfI"] by blast
4652qed
4653
4654AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
4655proof (rule "→I")
4656  AOT_modally_strict {
4657    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
4658    proof (rule "→I"; rule "raa-cor:2")
4659      AOT_assume 1: F = G
4660      AOT_hence φ{F}  φ{G}
4661        using "l-identity"[axiom_inst, THEN "→E"] by blast
4662      moreover {
4663        AOT_have G = F
4664          using 1 id_sym by blast
4665        AOT_hence φ{G}  φ{F}
4666          using "l-identity"[axiom_inst, THEN "→E"] by blast
4667      }
4668      ultimately AOT_have φ{F}  φ{G}
4669        using "≡I" by blast
4670      moreover AOT_assume ¬(φ{F}  φ{G})
4671      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
4672        using "&I" by blast
4673    qed
4674  }
4675  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
4676    using "RM:2[prem]" by blast
4677  moreover AOT_assume ¬(φ{F}  φ{G})
4678  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
4679  AOT_have (F  G)
4680    by (AOT_subst F  G ¬(F = G))
4681       (auto simp: "=-infix" "≡Df" 0)
4682  AOT_thus F  G
4683    using "id-nec2:3"[THEN "→E"] by blast
4684qed
4685
4686AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
4687proof (rule "→I")
4688  AOT_modally_strict {
4689    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
4690    proof (rule "→I"; rule "raa-cor:2")
4691      AOT_assume 1: p = q
4692      AOT_hence φ{p}  φ{q}
4693        using "l-identity"[axiom_inst, THEN "→E"] by blast
4694      moreover {
4695        AOT_have q = p
4696          using 1 id_sym by blast
4697        AOT_hence φ{q}  φ{p}
4698          using "l-identity"[axiom_inst, THEN "→E"] by blast
4699      }
4700      ultimately AOT_have φ{p}  φ{q}
4701        using "≡I" by blast
4702      moreover AOT_assume ¬(φ{p}  φ{q})
4703      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
4704        using "&I" by blast
4705    qed
4706  }
4707  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
4708    using "RM:2[prem]" by blast
4709  moreover AOT_assume ¬(φ{p}  φ{q})
4710  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
4711  AOT_have (p  q)
4712    by (AOT_subst p  q ¬(p = q))
4713       (auto simp: 0 "=-infix" "≡Df")
4714  AOT_thus p  q
4715    using "id-nec2:3"[THEN "→E"] by blast
4716qed
4717
4718AOT_theorem "pos-not-equiv-ne:3":
4719  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4720  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
4721
4722AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
4723  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
4724
4725AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
4726  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"]
4727        "T◇"[THEN "→E"] by blast
4728
4729AOT_define relation_negation ::  Π" ("_-")
4730  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
4731
4732nonterminal φneg
4733syntax "" :: "φneg  τ" ("_")
4734syntax "" :: "φneg  φ" ("'(_')")
4735
4736AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
4737  "df-relation-negation[zero]": "(p)- =df  ¬p]"
4738
4739AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
4740  by "cqt:2[lambda]"
4741
4742AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
4743  using "cqt:2[lambda0]"[axiom_inst] by blast
4744
4745AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
4746  using "=I"(1)[OF "rel-neg-T:1"]
4747  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
4748
4749AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
4750  using "=I"(1)[OF "rel-neg-T:1[zero]"]
4751  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
4752
4753AOT_theorem "rel-neg-T:3": [Π]-
4754  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"]
4755        "rel-neg-T:1" by blast
4756
4757AOT_theorem "rel-neg-T:3[zero]": (φ)-
4758  using "log-prop-prop:2" by blast
4759
4760(* Note: PLM states the zero place case twice *)
4761AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4762proof -
4763  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4764    using "rule=E"[rotated, OF "rel-neg-T:2"]
4765          "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4766          "→I" "≡I" by fast
4767  also AOT_have ...  ¬[F]x1...xn
4768    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4769  finally show ?thesis.
4770qed
4771
4772AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4773  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4774   apply (simp add: "oth-class-taut:3:b")
4775  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4776  using "thm-relation-negation:1".
4777
4778AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4779proof -
4780  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4781  AOT_hence ((p)-)   ¬p]
4782    using "df-relation-negation[zero]" "log-prop-prop:2"
4783          "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4784  also AOT_have  ¬p]  ¬p
4785    by (simp add: "propositions-lemma:2")
4786  finally show ?thesis.
4787qed
4788
4789AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4790  using "thm-relation-negation:3"[THEN "≡E"(1)]
4791        "thm-relation-negation:3"[THEN "≡E"(2)]
4792        "≡I" "→I" RAA by metis
4793
4794AOT_theorem "thm-relation-negation:5": [F]  [F]-
4795proof -
4796  AOT_have ¬([F] = [F]-)
4797  proof (rule RAA(2))
4798    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4799      using "if-p-then-p".
4800  next
4801    AOT_assume [F] = [F]-
4802    AOT_hence [F]- = [F] using id_sym by blast
4803    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4804      using "rule=E" "thm-relation-negation:1" by fast
4805    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4806      using "≡E" RAA by metis
4807  qed
4808  thus ?thesis
4809    using "≡dfI" "=-infix" by blast
4810qed
4811
4812AOT_theorem "thm-relation-negation:6": p  (p)-
4813proof -
4814  AOT_have ¬(p = (p)-)
4815  proof (rule RAA(2))
4816    AOT_show p  p
4817      using "if-p-then-p".
4818  next
4819    AOT_assume p = (p)-
4820    AOT_hence (p)- = p using id_sym by blast
4821    AOT_hence p  ¬p
4822      using "rule=E" "thm-relation-negation:3" by fast
4823    AOT_thus ¬(p  p)
4824      using "≡E" RAA by metis
4825  qed
4826  thus ?thesis
4827    using "≡dfI" "=-infix" by blast
4828qed
4829
4830AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4831  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4832  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]"
4833        "propositions-lemma:1" id_trans by blast+
4834
4835AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4836proof(rule "→I")
4837  AOT_assume p = q
4838  moreover AOT_have (¬p) using "log-prop-prop:2".
4839  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4840  ultimately AOT_show (¬p) = (¬q)
4841    using "rule=E" by fast
4842qed
4843
4844AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4845proof(rule "→I")
4846  AOT_assume p = q
4847  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4848  AOT_thus (p)- = (q)-
4849    using "thm-relation-negation:7" id_sym id_trans by metis
4850qed
4851
4852AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4853  "contingent-properties:1":
4854  Necessary([F]) df x1...∀xn [F]x1...xn
4855
4856AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4857  "contingent-properties:1[zero]":
4858  Necessary0(p) df p
4859
4860AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4861  "contingent-properties:2":
4862  Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4863
4864AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4865  "contingent-properties:2[zero]":
4866  Impossible0(p) df ¬p
4867
4868AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4869  "contingent-properties:3":
4870  NonContingent([F]) df Necessary([F])  Impossible([F])
4871
4872AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4873  "contingent-properties:3[zero]":
4874  NonContingent0(p) df Necessary0(p)  Impossible0(p)
4875
4876AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4877  "contingent-properties:4":
4878  Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4879
4880AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4881  "contingent-properties:4[zero]":
4882  Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4883
4884
4885AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4886proof (rule "≡I"; rule "→I")
4887  AOT_assume NonContingent([F])
4888  AOT_hence Necessary([F])  Impossible([F])
4889    using "≡dfE"[OF "contingent-properties:3"] by blast
4890  moreover {
4891    AOT_assume Necessary([F])
4892    AOT_hence (x1...∀xn [F]x1...xn)
4893      using "≡dfE"[OF "contingent-properties:1"] by blast
4894    moreover AOT_modally_strict {
4895      AOT_assume x1...∀xn [F]x1...xn
4896      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4897      AOT_hence ¬[F]-x1...xn for x1xn
4898        by (meson "≡E"(6) "oth-class-taut:3:a"
4899                  "thm-relation-negation:2" "≡E"(1))
4900      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4901    }
4902    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4903      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4904    AOT_hence Impossible([F]-)
4905      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4906                  OF "rel-neg-T:3", THEN "≡E"(2)]
4907      by blast
4908  }
4909  moreover {
4910    AOT_assume Impossible([F])
4911    AOT_hence (x1...∀xn ¬[F]x1...xn)
4912      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4913                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4914      by blast
4915    moreover AOT_modally_strict {
4916      AOT_assume x1...∀xn ¬[F]x1...xn
4917      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4918      AOT_hence [F]-x1...xn for x1xn
4919        by (meson "≡E"(6) "oth-class-taut:3:a"
4920                  "thm-relation-negation:1" "≡E"(1))
4921      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4922    }
4923    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4924      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4925    AOT_hence Necessary([F]-)
4926      using "≡dfI"[OF "contingent-properties:1"] by blast
4927  }
4928  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4929    using "∨E"(1) "∨I" "→I" by metis
4930  AOT_thus NonContingent([F]-)
4931    using "≡dfI"[OF "contingent-properties:3"] by blast
4932next
4933  AOT_assume NonContingent([F]-)
4934  AOT_hence Necessary([F]-)  Impossible([F]-)
4935    using "≡dfE"[OF "contingent-properties:3"] by blast
4936  moreover {
4937    AOT_assume Necessary([F]-)
4938    AOT_hence (x1...∀xn [F]-x1...xn)
4939      using "≡dfE"[OF "contingent-properties:1"] by blast
4940    moreover AOT_modally_strict {
4941      AOT_assume x1...∀xn [F]-x1...xn
4942      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4943      AOT_hence ¬[F]x1...xn for x1xn
4944        by (meson "≡E"(6) "oth-class-taut:3:a"
4945                  "thm-relation-negation:1" "≡E"(2))
4946      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4947    }
4948    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4949      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4950    AOT_hence Impossible([F])
4951      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4952                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4953      by blast
4954  }
4955  moreover {
4956    AOT_assume Impossible([F]-)
4957    AOT_hence (x1...∀xn ¬[F]-x1...xn)
4958      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4959                  OF "rel-neg-T:3", THEN "≡E"(1)]
4960      by blast
4961    moreover AOT_modally_strict {
4962      AOT_assume x1...∀xn ¬[F]-x1...xn
4963      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
4964      AOT_hence [F]x1...xn for x1xn 
4965        using "thm-relation-negation:1"[THEN
4966                "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4967              "useful-tautologies:1"[THEN "→E"] by blast
4968      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
4969    }
4970    ultimately AOT_have (x1...∀xn [F]x1...xn)
4971      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
4972    AOT_hence Necessary([F])
4973      using "≡dfI"[OF "contingent-properties:1"] by blast
4974  }
4975  ultimately AOT_have Necessary([F])  Impossible([F])
4976    using "∨E"(1) "∨I" "→I" by metis
4977  AOT_thus NonContingent([F])
4978    using "≡dfI"[OF "contingent-properties:3"] by blast
4979qed
4980
4981AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
4982proof -
4983  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
4984    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
4985                                    OF "cqt:2[const_var]"[axiom_inst]]
4986    by blast
4987  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
4988    using "oth-class-taut:5:d" by fastforce
4989  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
4990    by (simp add: "Commutativity of &")
4991  also AOT_have ...  x [F]x & ¬Necessary([F])
4992  proof (rule "oth-class-taut:4:e"[THEN "→E"])
4993    AOT_have ¬Impossible([F])  ¬¬ x [F]x
4994      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4995      apply (AOT_subst x [F]x ¬ x ¬[F]x)
4996       apply (simp add: "conventions:4" "≡Df")
4997      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
4998       apply (simp add: "oth-class-taut:3:b")
4999      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1),
5000                                      OF "cqt:2[const_var]"[axiom_inst]]
5001      by blast
5002    also AOT_have ...  x [F]x
5003      using "conventions:5"[THEN "≡Df", symmetric] by blast
5004    finally AOT_show ¬Impossible([F])  x [F]x .
5005  qed
5006  also AOT_have ...  x [F]x & x ¬[F]x
5007  proof (rule "oth-class-taut:4:f"[THEN "→E"])
5008    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
5009      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5010      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
5011       apply (simp add: "conventions:4" "≡Df")
5012      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
5013       apply (simp add: "oth-class-taut:3:b")
5014      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
5015      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
5016    also AOT_have ...  x ¬[F]x
5017      using "conventions:5"[THEN "≡Df", symmetric] by blast
5018    finally AOT_show ¬Necessary([F])  x ¬[F]x.
5019  qed
5020  finally show ?thesis.
5021qed
5022
5023AOT_theorem "thm-cont-prop:3":
5024  Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
5025proof -
5026  {
5027    fix Π :: <κ>
5028    AOT_assume Π
5029    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5030      using "thm-cont-prop:2" GEN by fast
5031    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
5032      using "thm-cont-prop:2" "∀E" by fast
5033  } note 1 = this
5034  AOT_have Contingent([F])  x [F]x & x ¬[F]x
5035    using "thm-cont-prop:2" by blast
5036  also AOT_have ...  x ¬[F]x & x [F]x
5037    by (simp add: "Commutativity of &")
5038  also AOT_have ...  x [F]-x & x [F]x
5039    by (AOT_subst [F]-x ¬[F]x for: x)
5040       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
5041  also AOT_have ...  x [F]-x & x ¬[F]-x
5042    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
5043       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
5044  also AOT_have ...  Contingent([F]-)
5045    using 1[OF "rel-neg-T:3", symmetric] by blast
5046  finally show ?thesis.
5047qed
5048
5049AOT_define concrete_if_concrete :: ‹Π› ("L")
5050  L_def: L =df x E!x  E!x]
5051
5052AOT_theorem "thm-noncont-e-e:1": Necessary(L)
5053proof -
5054  AOT_modally_strict {
5055    fix x
5056    AOT_have x E!x  E!x] by "cqt:2[lambda]"
5057    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5058    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5059    ultimately AOT_have x E!x  E!x]x
5060      using "β←C" by blast
5061  }
5062  AOT_hence 0: x x E!x  E!x]x
5063    using RN GEN by blast
5064  show ?thesis
5065    apply (rule "=dfI"(2)[OF L_def])
5066     apply "cqt:2[lambda]"
5067    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
5068qed
5069
5070AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
5071proof -
5072  AOT_modally_strict {
5073    fix x
5074
5075    AOT_have 0: F (¬[F]-x  [F]x)
5076      using "thm-relation-negation:2" GEN by fast
5077    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
5078      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
5079    moreover {
5080      AOT_have x E!x  E!x] by "cqt:2[lambda]"
5081      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5082      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5083      ultimately AOT_have x E!x  E!x]x
5084        using "β←C" by blast
5085    }
5086    ultimately AOT_have ¬x E!x  E!x]-x
5087      using "≡E" by blast
5088  }
5089  AOT_hence 0: x ¬x E!x  E!x]-x
5090    using RN GEN by fast
5091  show ?thesis
5092    apply (rule "=dfI"(2)[OF L_def])
5093     apply "cqt:2[lambda]"
5094    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
5095     using "rel-neg-T:3"
5096     apply blast
5097    using 0
5098    by blast
5099qed
5100
5101AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
5102  using "thm-noncont-e-e:1"
5103  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
5104
5105AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
5106proof -
5107  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
5108    using "thm-cont-prop:1" "∀I" by fast
5109  moreover AOT_have 1: L
5110    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5111  AOT_show NonContingent([L]-)
5112    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
5113qed
5114
5115AOT_theorem "thm-noncont-e-e:5":
5116  F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
5117proof (rule "∃I")+
5118  {
5119    AOT_have F [F]  [F]-
5120      using "thm-relation-negation:5" GEN by fast
5121    moreover AOT_have L
5122      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5123    ultimately AOT_have L  [L]-
5124      using "∀E" by blast
5125  }
5126  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
5127    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
5128next
5129  AOT_show [L]-
5130    using "rel-neg-T:3" by blast
5131next
5132  AOT_show L
5133      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5134qed
5135
5136AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5137proof -
5138  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
5139    using "BF◇" "CBF◇" "≡I" by blast
5140  also AOT_have   x ([F]x &  ¬[F]x)
5141    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
5142       (auto simp: "S5Basic:11" "cqt-further:7")
5143  also AOT_have   x (¬[F]x & [F]x)
5144    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
5145       (auto simp: "Commutativity of &" "cqt-further:7")
5146  also AOT_have   x (¬[F]x & [F]x)
5147    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
5148       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
5149  also AOT_have   x (¬[F]x & [F]x)
5150    using "BF◇" "CBF◇" "≡I" by fast
5151  finally show ?thesis.
5152qed
5153
5154AOT_theorem "lem-cont-e:2": x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
5155proof -
5156  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5157    using "lem-cont-e:1".
5158  also AOT_have   x ([F]-x & ¬[F]-x)
5159    apply (AOT_subst ¬[F]-x [F]x for: x)
5160     apply (simp add: "thm-relation-negation:2")
5161    apply (AOT_subst [F]-x ¬[F]x for: x)
5162     apply (simp add: "thm-relation-negation:1")
5163    by (simp add: "oth-class-taut:3:a")
5164  finally show ?thesis.
5165qed
5166
5167AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
5168proof (rule "CBF◇"[THEN "→E"])
5169  AOT_have x (E!x & ¬𝒜E!x)
5170    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
5171  then AOT_obtain a where (E!a & ¬𝒜E!a)
5172    using "∃E"[rotated] by blast
5173  AOT_hence θ: E!a & ¬𝒜E!a
5174    using "KBasic2:3"[THEN "→E"] by blast
5175  AOT_have ξ: E!a & 𝒜¬E!a
5176    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
5177       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
5178  AOT_have ζ: E!a & 𝒜¬E!a
5179    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
5180       (auto simp add: "Act-Sub:4" ξ)
5181  AOT_hence E!a & ¬E!a
5182    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
5183  AOT_hence (E!a & ¬E!a)
5184    using "S5Basic:11"[THEN "≡E"(2)] by simp
5185  AOT_thus x (E!x & ¬E!x)
5186    using "∃I"(2) by fast
5187qed
5188
5189AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
5190proof -
5191  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
5192    using "lem-cont-e:1" GEN by fast
5193  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
5194    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5195  thus ?thesis using "thm-cont-e:1" "≡E" by blast
5196qed
5197
5198AOT_theorem "thm-cont-e:3": x E!x
5199proof (rule "CBF◇"[THEN "→E"])
5200  AOT_obtain a where (E!a & ¬E!a)
5201    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5202  AOT_hence E!a
5203    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
5204  AOT_thus x E!x using "∃I" by fast
5205qed
5206
5207AOT_theorem "thm-cont-e:4": x ¬E!x
5208proof (rule "CBF◇"[THEN "→E"])
5209  AOT_obtain a where (E!a & ¬E!a)
5210    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5211  AOT_hence ¬E!a
5212    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
5213  AOT_hence ¬E!a
5214    using "4◇"[THEN "→E"] by blast
5215  AOT_thus x ¬E!x using "∃I" by fast
5216qed
5217
5218AOT_theorem "thm-cont-e:5": Contingent([E!])
5219proof -
5220  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5221    using "thm-cont-prop:2" GEN by fast
5222  AOT_hence Contingent([E!])  x E!x & x ¬E!x
5223    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5224  thus ?thesis
5225    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
5226qed
5227
5228AOT_theorem "thm-cont-e:6": Contingent([E!]-)
5229proof -
5230  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
5231    using "thm-cont-prop:3" GEN by fast
5232  AOT_hence Contingent([E!])  Contingent([E!]-)
5233    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5234  thus ?thesis using "thm-cont-e:5" "≡E" by blast
5235qed
5236
5237AOT_theorem "thm-cont-e:7":
5238  FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
5239proof (rule "∃I")+
5240  AOT_have F [«F::<κ>»]  [F]-
5241    using "thm-relation-negation:5" GEN by fast
5242  AOT_hence [E!]  [E!]-
5243    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5244  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
5245    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
5246next
5247  AOT_show E!-
5248    by (fact AOT)
5249next
5250  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
5251qed
5252
5253AOT_theorem "property-facts:1":
5254  NonContingent([F])  ¬G (Contingent([G]) & G = F)
5255proof (rule "→I"; rule "raa-cor:2")
5256  AOT_assume NonContingent([F])
5257  AOT_hence 1: Necessary([F])  Impossible([F])
5258    using "contingent-properties:3"[THEN "≡dfE"] by blast
5259  AOT_assume G (Contingent([G]) & G = F)
5260  then AOT_obtain G where Contingent([G]) & G = F
5261    using "∃E"[rotated] by blast
5262  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
5263  AOT_hence ¬(Necessary([F])  Impossible([F]))
5264    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5265            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5266  AOT_thus (Necessary([F])  Impossible([F])) &
5267            ¬(Necessary([F])  Impossible([F]))
5268    using 1 "&I" by blast
5269qed
5270
5271AOT_theorem "property-facts:2":
5272  Contingent([F])  ¬G (NonContingent([G]) & G = F)
5273proof (rule "→I"; rule "raa-cor:2")
5274  AOT_assume Contingent([F])
5275  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
5276    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5277            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5278  AOT_assume G (NonContingent([G]) & G = F)
5279  then AOT_obtain G where NonContingent([G]) & G = F
5280    using "∃E"[rotated] by blast
5281  AOT_hence NonContingent([F])
5282    using "rule=E" "&E" by blast
5283  AOT_hence Necessary([F])  Impossible([F])
5284    using "contingent-properties:3"[THEN "≡dfE"] by blast
5285  AOT_thus (Necessary([F])  Impossible([F])) &
5286            ¬(Necessary([F])  Impossible([F]))
5287    using 1 "&I" by blast
5288qed
5289
5290AOT_theorem "property-facts:3":
5291  L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
5292proof -
5293  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
5294    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5295    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
5296  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
5297    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
5298  AOT_have not_noncontingent_if_contingent:
5299    ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
5300  proof(rule RAA(2))
5301    AOT_show ¬(Necessary([Π])  Impossible([Π]))
5302      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5303                    OF contingent_denotes[OF that], THEN "≡E"(1)]
5304      by blast
5305  next
5306    AOT_assume NonContingent([Π])
5307    AOT_thus Necessary([Π])  Impossible([Π])
5308      using "contingent-properties:3"[THEN "≡dfE"] by blast
5309  qed
5310
5311  show ?thesis
5312  proof (safe intro!: "&I")
5313    AOT_show L  [L]-
5314      apply (rule "=dfI"(2)[OF L_def])
5315       apply "cqt:2[lambda]"
5316      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5317       apply (rule GEN) apply (fact AOT)
5318      by "cqt:2[lambda]"
5319  next
5320    AOT_show L  E!
5321      apply (rule noneqI)
5322      using "thm-noncont-e-e:3"
5323            not_noncontingent_if_contingent[OF "thm-cont-e:5"]
5324      by auto
5325  next
5326    AOT_show L  E!-
5327      apply (rule noneqI)
5328      using "thm-noncont-e-e:3" apply fast
5329      apply (rule not_noncontingent_if_contingent)
5330      apply (rule "∀E"(1)[
5331            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5332            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5333      using "thm-cont-prop:3" GEN apply fast
5334      using "thm-cont-e:5" by fast+
5335  next
5336    AOT_show [L]-  E!-
5337      apply (rule noneqI)
5338      using "thm-noncont-e-e:4" apply fast
5339      apply (rule not_noncontingent_if_contingent)
5340      apply (rule "∀E"(1)[
5341            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5342            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5343      using "thm-cont-prop:3" GEN apply fast
5344      using "thm-cont-e:5" by fast+
5345  next
5346    AOT_show E!  E!-
5347      apply (rule "=dfI"(2)[OF L_def])
5348       apply "cqt:2[lambda]"
5349      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5350       apply (rule GEN) apply (fact AOT)
5351      by (fact "cqt:2[concrete]"[axiom_inst])
5352  qed
5353qed
5354
5355AOT_theorem "thm-cont-propos:1": NonContingent0(p)  NonContingent0(((p)-))
5356proof(rule "≡I"; rule "→I")
5357  AOT_assume NonContingent0(p)
5358  AOT_hence Necessary0(p)  Impossible0(p)
5359    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5360  moreover {
5361    AOT_assume Necessary0(p)
5362    AOT_hence 1: p
5363      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5364    AOT_have ¬((p)-)
5365      by (AOT_subst ¬((p)-) p)
5366         (auto simp add: 1 "thm-relation-negation:4")
5367    AOT_hence Impossible0(((p)-))
5368      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5369  }
5370  moreover {
5371    AOT_assume Impossible0(p)
5372    AOT_hence 1: ¬p
5373      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5374    AOT_have ((p)-)
5375      by (AOT_subst ((p)-) ¬p) 
5376         (auto simp: 1 "thm-relation-negation:3")
5377    AOT_hence Necessary0(((p)-))
5378      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5379  }
5380  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
5381    using "∨E"(1) "∨I" "→I" by metis
5382  AOT_thus NonContingent0(((p)-))
5383    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5384next
5385  AOT_assume NonContingent0(((p)-))
5386  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
5387    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5388  moreover {
5389    AOT_assume Impossible0(((p)-))
5390    AOT_hence 1: ¬((p)-)
5391      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5392    AOT_have p
5393      by (AOT_subst (reverse) p ¬((p)-))
5394         (auto simp: 1 "thm-relation-negation:4")
5395    AOT_hence Necessary0(p)
5396      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
5397  }
5398  moreover {
5399    AOT_assume Necessary0(((p)-))
5400    AOT_hence 1: ((p)-)
5401      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
5402    AOT_have ¬p
5403      by (AOT_subst (reverse) ¬p ((p)-))
5404         (auto simp: 1 "thm-relation-negation:3")
5405    AOT_hence Impossible0(p)
5406      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5407  }
5408  ultimately AOT_have Necessary0(p)  Impossible0(p)
5409    using "∨E"(1) "∨I" "→I" by metis
5410  AOT_thus NonContingent0(p)
5411    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5412qed
5413
5414AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
5415proof -
5416  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
5417    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
5418  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
5419    by (fact AOT)
5420  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
5421    by (fact AOT)
5422  also AOT_have   φ & ¬φ
5423    apply (AOT_subst φ ¬¬φ)
5424     apply (simp add: "conventions:5" "≡Df")
5425    apply (AOT_subst Impossible0(φ) ¬φ)
5426     apply (simp add: "contingent-properties:2[zero]" "≡Df")
5427    apply (AOT_subst (reverse) ¬φ ¬φ)
5428     apply (simp add: "KBasic:11")
5429    apply (AOT_subst Necessary0(φ) φ)
5430     apply (simp add: "contingent-properties:1[zero]" "≡Df")
5431    by (simp add: "oth-class-taut:3:a")
5432  finally show ?thesis.
5433qed
5434
5435AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
5436proof -
5437  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
5438  also AOT_have   ¬p & p by (fact AOT)
5439  also AOT_have   ((p)-) & p
5440    by (AOT_subst ((p)-) ¬p)
5441       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
5442  also AOT_have   ((p)-) & ¬((p)-)
5443    by (AOT_subst ¬((p)-) p)
5444       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
5445  also AOT_have   Contingent0(((p)-))
5446    using "thm-cont-propos:2"[symmetric] by blast
5447  finally show ?thesis.
5448qed
5449
5450AOT_define noncontingent_prop :: ‹φ› ("p0")
5451  p0_def: "(p0) =df (x (E!x  E!x))"
5452
5453AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
5454proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5455  AOT_show (p0)
5456    apply (rule "=dfI"(2)[OF p0_def])
5457    using "log-prop-prop:2" apply simp
5458    using "if-p-then-p" RN GEN by fast
5459qed
5460
5461AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
5462proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5463  AOT_show ¬((p0)-)
5464    apply (AOT_subst ((p0)-) ¬p0)
5465    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"]
5466     apply fast
5467    apply (AOT_subst (reverse) ¬¬p0 p0)
5468     apply (simp add: "oth-class-taut:3:b")
5469    apply (rule "=dfI"(2)[OF p0_def])
5470    using "log-prop-prop:2" apply simp
5471    using "if-p-then-p" RN GEN by fast
5472qed
5473
5474AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
5475  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5476  using "thm-noncont-propos:1" "∨I" by blast
5477
5478AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
5479  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5480  using "thm-noncont-propos:2" "∨I" by blast
5481
5482AOT_theorem "thm-noncont-propos:5":
5483  pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
5484proof(rule "∃I")+
5485  AOT_have 0: φ  (φ)- for φ
5486    using "thm-relation-negation:6" "∀I"
5487          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5488  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
5489    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
5490qed(auto simp: "log-prop-prop:2")
5491
5492AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
5493proof(rule "raa-cor:2")
5494  AOT_assume x(E!x & ¬𝒜E!x)
5495  then AOT_obtain a where a: E!a & ¬𝒜E!a
5496    using "∃E"[rotated] by blast
5497  AOT_hence 𝒜¬E!a
5498    using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5499  AOT_hence ¬E!a
5500    using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
5501  AOT_hence E!a & ¬E!a
5502    using a "&E" "&I" by blast
5503  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5504qed
5505
5506AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
5507proof(rule "raa-cor:2")
5508  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
5509  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
5510    using "Act-Basic:10"[THEN "≡E"(1)] by blast
5511  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a)
5512    using "∃E"[rotated] by blast
5513  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a
5514    using "Act-Basic:2"[THEN "≡E"(1)] by blast
5515  AOT_hence ¬𝒜𝒜E!a
5516    using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
5517  AOT_hence ¬𝒜E!a
5518    using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
5519  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
5520qed
5521
5522AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
5523proof (rule RAA(1))
5524  AOT_show ¬𝒜x (E!x & ¬𝒜E!x)
5525    using "pos-not-pna:1" by blast
5526next
5527  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
5528  AOT_hence x (E!x & ¬𝒜E!x)
5529    using "KBasic:12"[THEN "≡E"(2)] by blast
5530  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
5531    using "nec-imp-act"[THEN "→E"] by blast
5532qed
5533
5534AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
5535proof -
5536  AOT_obtain a where (E!a & ¬𝒜E!a)
5537    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
5538  AOT_hence θ: E!a and ξ: ¬𝒜E!a
5539    using "KBasic2:3"[THEN "→E"] "&E" by blast+
5540  AOT_have ¬𝒜E!a
5541    using ξ "KBasic:11"[THEN "≡E"(2)] by blast
5542  AOT_hence ¬𝒜E!a
5543    using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5544                        THEN "≡E"(2)] by blast
5545  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
5546  thus ?thesis using "∃I" by fast
5547qed
5548
5549AOT_define contingent_prop :: φ ("q0")
5550  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
5551
5552AOT_theorem q0_prop: q0 & ¬q0
5553  apply (rule "=dfI"(2)[OF q0_def])
5554  apply (fact "log-prop-prop:2")
5555  apply (rule "&I")
5556   apply (fact "qml:4"[axiom_inst])
5557  by (fact "pos-not-pna:2")
5558
5559AOT_theorem "basic-prop:1": Contingent0((q0))
5560proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5561  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
5562  proof (rule "&I";
5563         rule "=dfI"(2)[OF q0_def];
5564         (rule "log-prop-prop:2" | rule "raa-cor:2"))
5565    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
5566    AOT_hence x (E!x & ¬𝒜E!x)
5567      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5568    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
5569      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
5570    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
5571      using "pos-not-pna:1" "&I" by blast
5572  next
5573    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
5574    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5575      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5576    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5577      using "KBasic2:1"[THEN "≡E"(1)] by blast
5578    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
5579      using "qml:4"[axiom_inst] "&I" by blast
5580  qed
5581  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
5582    using "oth-class-taut:5:d" "≡E"(2) by blast
5583qed
5584
5585AOT_theorem "basic-prop:2": p Contingent0((p))
5586  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
5587
5588AOT_theorem "basic-prop:3": Contingent0(((q0)-))
5589  apply (AOT_subst ((q0)-) ¬q0)
5590   apply (insert "thm-relation-negation:3" "∀I"
5591                "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
5592  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5593  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
5594  apply (rule "&I")
5595   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]",
5596                  THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5597   apply (rule "conventions:5"[THEN "≡dfE"])
5598   apply (rule "=dfE"(2)[OF q0_def])
5599    apply (rule "log-prop-prop:2")
5600   apply (rule q0_prop[THEN "&E"(1)])
5601  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]",
5602                THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5603  apply (rule "conventions:5"[THEN "≡dfE"])
5604  by (rule q0_prop[THEN "&E"(2)])
5605
5606AOT_theorem "basic-prop:4": pq (p  q & Contingent0(p) & Contingent0(q))
5607proof(rule "∃I")+
5608  AOT_have 0: φ  (φ)- for φ
5609    using "thm-relation-negation:6" "∀I"
5610          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5611  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
5612    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
5613qed(auto simp: "log-prop-prop:2")
5614
5615AOT_theorem "proposition-facts:1":
5616  NonContingent0(p)  ¬q (Contingent0(q) & q = p)
5617proof(rule "→I"; rule "raa-cor:2")
5618  AOT_assume NonContingent0(p)
5619  AOT_hence 1: Necessary0(p)  Impossible0(p)
5620    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5621  AOT_assume q (Contingent0(q) & q = p)
5622  then AOT_obtain q where Contingent0(q) & q = p
5623    using "∃E"[rotated] by blast
5624  AOT_hence Contingent0(p)
5625    using "rule=E" "&E" by fast
5626  AOT_thus (Necessary0(p)  Impossible0(p)) &
5627            ¬(Necessary0(p)  Impossible0(p))
5628    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
5629qed
5630
5631AOT_theorem "proposition-facts:2":
5632  Contingent0(p)  ¬q (NonContingent0(q) & q = p)
5633proof(rule "→I"; rule "raa-cor:2")
5634  AOT_assume Contingent0(p)
5635  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
5636    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5637  AOT_assume q (NonContingent0(q) & q = p)
5638  then AOT_obtain q where NonContingent0(q) & q = p
5639    using "∃E"[rotated] by blast
5640  AOT_hence NonContingent0(p)
5641    using "rule=E" "&E" by fast
5642  AOT_thus (Necessary0(p)  Impossible0(p)) &
5643            ¬(Necessary0(p)  Impossible0(p))
5644    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
5645qed
5646
5647AOT_theorem "proposition-facts:3":
5648  (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
5649proof -
5650  {
5651    fix χ φ ψ
5652    AOT_assume χ{φ}
5653    moreover AOT_assume ¬χ{ψ}
5654    ultimately AOT_have ¬(χ{φ}  χ{ψ})
5655      using RAA "≡E" by metis
5656    moreover {
5657      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
5658        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
5659      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
5660        using "∀E" "log-prop-prop:2" by blast
5661    }
5662    ultimately AOT_have φ  ψ
5663      using "→E" by blast
5664  } note 0 = this
5665  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
5666    using "thm-cont-propos:3" "∀I"
5667          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5668  AOT_have not_noncontingent_if_contingent:
5669    ¬NonContingent0(φ) if Contingent0(φ) for φ
5670    apply (rule "contingent-properties:3[zero]"[THEN "≡Df",
5671                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5672    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5673  show ?thesis
5674    apply (rule "&I")+
5675    using "thm-relation-negation:6" "∀I"
5676          "∀E"(1)[rotated, OF "log-prop-prop:2"]
5677        apply fast
5678       apply (rule 0)
5679    using "thm-noncont-propos:3" apply fast
5680       apply (rule not_noncontingent_if_contingent)
5681       apply (fact AOT)
5682      apply (rule 0)
5683    apply (rule "thm-noncont-propos:3")
5684      apply (rule not_noncontingent_if_contingent)
5685      apply (rule contingent_neg[THEN "≡E"(1)])
5686      apply (fact AOT)
5687     apply (rule 0)
5688    apply (rule "thm-noncont-propos:4")
5689      apply (rule not_noncontingent_if_contingent)
5690      apply (rule contingent_neg[THEN "≡E"(1)])
5691     apply (fact AOT)
5692    using "thm-relation-negation:6" "∀I"
5693          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5694qed
5695
5696AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
5697  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
5698
5699AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
5700  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
5701
5702AOT_theorem "cont-true-cont:1": ContingentlyTrue((p))  Contingent0((p))
5703proof(rule "→I")
5704  AOT_assume ContingentlyTrue((p))
5705  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
5706  AOT_have ¬Necessary0((p))
5707    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5708                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5709    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
5710  moreover AOT_have ¬Impossible0((p))
5711    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5712                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5713    apply (rule "conventions:5"[THEN "≡dfE"])
5714    using "T◇"[THEN "→E", OF 1].
5715  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5716    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5717  AOT_thus Contingent0((p))
5718    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5719qed
5720
5721AOT_theorem "cont-true-cont:2": ContingentlyFalse((p))  Contingent0((p))
5722proof(rule "→I")
5723  AOT_assume ContingentlyFalse((p))
5724  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
5725  AOT_have ¬Necessary0((p))
5726    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5727                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5728    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
5729  moreover AOT_have ¬Impossible0((p))
5730    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5731                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5732    apply (rule "conventions:5"[THEN "≡dfE"])
5733    using 2.
5734  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5735    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5736  AOT_thus Contingent0((p))
5737    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5738qed
5739
5740AOT_theorem "cont-true-cont:3":
5741  ContingentlyTrue((p))  ContingentlyFalse(((p)-))
5742proof(rule "≡I"; rule "→I")
5743  AOT_assume ContingentlyTrue((p))
5744  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5745  AOT_have 1: ContingentlyFalse(¬p)
5746    apply (rule "cont-tf:2"[THEN "≡dfI"])
5747    apply (AOT_subst (reverse) ¬¬p p)
5748    by (auto simp: "oth-class-taut:3:b" 0)
5749  AOT_show ContingentlyFalse(((p)-))
5750    apply (AOT_subst ((p)-) ¬p)
5751    by (auto simp: "thm-relation-negation:3" 1)
5752next
5753  AOT_assume 1: ContingentlyFalse(((p)-))
5754  AOT_have ContingentlyFalse(¬p)
5755    by (AOT_subst (reverse) ¬p ((p)-))
5756       (auto simp: "thm-relation-negation:3" 1)
5757  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
5758  AOT_hence p & ¬p
5759    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
5760  AOT_thus ContingentlyTrue((p))
5761    using "cont-tf:1"[THEN "≡dfI"] by blast
5762qed
5763
5764AOT_theorem "cont-true-cont:4":
5765  ContingentlyFalse((p))  ContingentlyTrue(((p)-))
5766proof(rule "≡I"; rule "→I")
5767  AOT_assume ContingentlyFalse(p)
5768  AOT_hence 0: ¬p & p
5769    using "cont-tf:2"[THEN "≡dfE"] by blast
5770  AOT_have ¬p & ¬¬p
5771    by (AOT_subst (reverse) ¬¬p p)
5772       (auto simp: "oth-class-taut:3:b" 0)
5773  AOT_hence 1: ContingentlyTrue(¬p)
5774    by (rule "cont-tf:1"[THEN "≡dfI"])
5775  AOT_show ContingentlyTrue(((p)-))
5776    by (AOT_subst ((p)-) ¬p)
5777       (auto simp: "thm-relation-negation:3" 1)
5778next
5779  AOT_assume 1: ContingentlyTrue(((p)-))
5780  AOT_have ContingentlyTrue(¬p)
5781    by (AOT_subst (reverse) ¬p ((p)-))
5782       (auto simp add: "thm-relation-negation:3" 1)
5783  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5784  AOT_have p
5785    by (AOT_subst p ¬¬p)
5786       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
5787  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
5788  AOT_thus ContingentlyFalse(p)
5789    by (rule "cont-tf:2"[THEN "≡dfI"])
5790qed
5791
5792AOT_theorem "cont-true-cont:5":
5793  (ContingentlyTrue((p)) & Necessary0((q)))  p  q
5794proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5795  AOT_assume ContingentlyTrue((p))
5796  AOT_hence ¬p
5797    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
5798  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
5799  AOT_assume Necessary0((q))
5800  moreover AOT_assume ¬(p  q)
5801  AOT_hence p = q
5802    using "=-infix"[THEN "≡Df",
5803                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5804                    THEN "≡E"(1)]
5805          "useful-tautologies:1"[THEN "→E"] by blast
5806  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
5807  AOT_hence p
5808    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5809  AOT_thus p & ¬p using 0 "&I" by blast
5810qed
5811
5812AOT_theorem "cont-true-cont:6":
5813  (ContingentlyFalse((p)) & Impossible0((q)))  p  q
5814proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5815  AOT_assume ContingentlyFalse((p))
5816  AOT_hence p
5817    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
5818  AOT_hence 1: ¬¬p
5819    using "conventions:5"[THEN "≡dfE"] by blast
5820  AOT_assume Impossible0((q))
5821  moreover AOT_assume ¬(p  q)
5822  AOT_hence p = q
5823    using "=-infix"[THEN "≡Df",
5824                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5825                    THEN "≡E"(1)]
5826          "useful-tautologies:1"[THEN "→E"] by blast
5827  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
5828  AOT_hence ¬p
5829    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5830  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
5831qed
5832
5833AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
5834  apply (rule "cont-tf:2"[THEN "≡dfI"])
5835  apply (rule "=dfI"(2)[OF q0_def])
5836   apply (fact "log-prop-prop:2")
5837  apply (rule "&I")
5838   apply (fact "no-cnac")
5839  by (fact "qml:4"[axiom_inst])
5840
5841AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
5842  apply (rule "cont-tf:1"[THEN "≡dfI"])
5843  apply (rule "=dfI"(2)[OF q0_def])
5844   apply (fact "log-prop-prop:2")
5845  apply (rule "&I")
5846   apply (rule "thm-relation-negation:3"
5847                [unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
5848     apply (fact "no-cnac")
5849  apply (rule "rule=E"[rotated,
5850                OF "thm-relation-negation:7"
5851                   [unvarify p, OF "log-prop-prop:2", THEN id_sym]])
5852  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
5853  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
5854
5855(* TODO: q0cf-rem skipped for now *)
5856
5857AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5858proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5859  AOT_assume q0
5860  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5861  AOT_thus ContingentlyTrue(q0)
5862    by (rule "cont-tf:1"[THEN "≡dfI"])
5863next
5864  AOT_assume ¬q0
5865  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5866  AOT_hence ContingentlyFalse(q0)
5867    by (rule "cont-tf:2"[THEN "≡dfI"])
5868  AOT_thus ContingentlyTrue(((q0)-))
5869    by (rule "cont-true-cont:4"[unvarify p,
5870                OF "log-prop-prop:2", THEN "≡E"(1)])
5871qed(auto simp: "log-prop-prop:2")
5872
5873
5874AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
5875proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5876  AOT_assume q0
5877  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5878  AOT_hence ContingentlyTrue(q0)
5879    by (rule "cont-tf:1"[THEN "≡dfI"])
5880  AOT_thus ContingentlyFalse(((q0)-))
5881    by (rule "cont-true-cont:3"[unvarify p,
5882                OF "log-prop-prop:2", THEN "≡E"(1)])
5883next
5884  AOT_assume ¬q0
5885  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5886  AOT_thus ContingentlyFalse(q0)
5887    by (rule "cont-tf:2"[THEN "≡dfI"])
5888qed(auto simp: "log-prop-prop:2")
5889
5890AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
5891proof -
5892  fix x
5893  AOT_obtain p1 where ContingentlyTrue((p1))
5894    using "cont-tf-thm:1" "∃E"[rotated] by blast
5895  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5896  AOT_modally_strict {
5897    AOT_have for arbitrary p:  (z p]x  p)
5898      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5899    AOT_hence for arbitrary p:   (z p]x  p)
5900      by (rule RN)
5901    AOT_hence p (z p]x  p) using GEN by fast
5902    AOT_hence (z p1]x  p1) using "∀E" by fast
5903  } note 2 = this
5904  AOT_hence (z p1]x  p1) using "∀E" by blast
5905  AOT_hence z p1]x
5906    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5907  moreover AOT_have ¬z p1]x
5908    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
5909    apply (AOT_subst z p1]x p1)
5910    using 1[THEN "&E"(2)] by blast
5911  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
5912  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
5913  moreover AOT_have z p1] by "cqt:2[lambda]"
5914  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
5915qed
5916
5917(* TODO: inspect modally strict subproof involving obtained variable *)
5918AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
5919proof -
5920  fix x
5921  AOT_obtain p1 where ContingentlyFalse((p1))
5922    using "cont-tf-thm:2" "∃E"[rotated] by blast
5923  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5924  AOT_modally_strict {
5925    AOT_have for arbitrary p:  (z p]x  p)
5926      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5927    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5928      using "oth-class-taut:4:b" "≡E" by blast
5929    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5930      by (rule RN)
5931    AOT_hence p (¬z p]x  ¬p) using GEN by fast
5932    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
5933  } note 2 = this
5934  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
5935  AOT_hence 3: ¬z p1]x
5936    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5937  AOT_modally_strict {
5938    AOT_have for arbitrary p:  (z p]x  p)
5939      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5940    AOT_hence for arbitrary p:  (z p]x  p)
5941      by (rule RN)
5942    AOT_hence p (z p]x  p) using GEN by fast
5943    AOT_hence (z p1]x  p1) using "∀E" by fast
5944  } note 4 = this
5945  AOT_have z p1]x
5946    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
5947    apply (AOT_subst z p1]x p1)
5948    using 1[THEN "&E"(2)] by blast
5949  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
5950  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
5951  moreover AOT_have z p1] by "cqt:2[lambda]"
5952  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
5953qed
5954
5955context
5956begin
5957
5958private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
5959    apply (rule "=dfI"(2)[OF L_def])
5960     apply "cqt:2[lambda]"
5961    apply (rule "beta-C-meta"[THEN "→E"])
5962  by "cqt:2[lambda]"
5963
5964private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
5965    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5966
5967private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
5968proof(rule "≡I"; rule "→I"; (rule "∀I")?)
5969  fix x
5970  AOT_assume 1: φ
5971  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
5972  also AOT_have   φ
5973    using "if-p-then-p" 1 "≡I" "→I" by simp
5974  also AOT_have   z φ]x
5975    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
5976  finally AOT_show [L]x  z φ]x.
5977next
5978  fix x
5979  AOT_assume x([L]x  z φ]x)
5980  AOT_hence [L]x  z φ]x using "∀E" by blast
5981  also AOT_have   φ using eqnotnec_123_Aux_ω.
5982  finally AOT_have φ  [L]x
5983    using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5984  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
5985  finally AOT_show φ using "≡E" "if-p-then-p" by fast
5986qed
5987private lemmas eqnotnec_123_Aux_ξ =
5988  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5989    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5990    THEN "RM◇"]
5991private lemmas eqnotnec_123_Aux_ξ' =
5992  eqnotnec_123_Aux_θ[
5993    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5994    THEN "RM◇"]
5995
5996AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5997proof-
5998  AOT_obtain p1 where ContingentlyTrue(p1)
5999    using "cont-tf-thm:1" "∃E"[rotated] by blast
6000  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
6001  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
6002    apply - apply (rule "&I")
6003    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)]
6004          eqnotnec_123_Aux_ξ "→E" by fast+
6005  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
6006    by (rule "∃I") "cqt:2[lambda]"
6007  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
6008    apply (rule "∃I")
6009    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6010qed
6011
6012AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6013proof-
6014  AOT_obtain p1 where ContingentlyFalse(p1)
6015    using "cont-tf-thm:2" "∃E"[rotated] by blast
6016  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
6017  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
6018    apply - apply (rule "&I")
6019    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6020                             THEN "≡E"(1)]
6021          "&E" eqnotnec_123_Aux_ξ' "→E" by fast+
6022  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
6023    by (rule "∃I") "cqt:2[lambda]"
6024  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
6025    apply (rule "∃I")
6026    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6027qed
6028
6029AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6030proof-
6031  AOT_have ¬𝒜q0
6032    apply (rule "=dfI"(2)[OF q0_def])
6033     apply (fact "log-prop-prop:2")
6034    by (fact AOT)
6035  AOT_hence 𝒜¬q0
6036    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6037  AOT_hence 𝒜¬x ([L]x  z q0]x)
6038    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6039            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6040            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
6041  moreover AOT_have x ([L]x  z q0]x)
6042    using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
6043  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x)
6044    using "&I" by blast
6045  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
6046    by (rule "∃I") "cqt:2[lambda]"
6047  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6048    apply (rule "∃I")
6049    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6050qed
6051
6052end
6053
6054AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6055proof(rule GEN)
6056  fix F
6057  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6058  proof(rule "→I"; rule GEN)
6059    AOT_modally_strict {
6060    fix x
6061    AOT_assume 0: ψ
6062    AOT_have z [F]z & ψ]x  [F]x & ψ
6063      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6064    also AOT_have ...  [F]x
6065      apply (rule "≡I"; rule "→I")
6066      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6067      apply blast
6068      using 0 "&I" by blast
6069    finally AOT_show [F]x  z [F]z & ψ]x
6070      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6071    }
6072  qed
6073
6074  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6075  proof (rule "→I"; rule GEN)
6076    AOT_modally_strict {
6077      fix x
6078      AOT_assume 0: ψ
6079      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6080        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6081      also AOT_have ...  [F]x
6082        apply (rule "≡I"; rule "→I")
6083        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6084         apply blast
6085        apply (rule "∨I"(1)) using 0 "&I" by blast
6086      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6087        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6088    }
6089  qed
6090
6091  AOT_have Aux_C:
6092     ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6093  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
6094  AOT_modally_strict {
6095      AOT_assume 0: ¬ψ
6096      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6097      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6098        using "∀E" by blast
6099      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6100          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6101      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6102        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6103      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6104        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6105      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
6106      ultimately AOT_have ψ using "≡E" "&E" by metis
6107      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6108    }
6109  qed
6110
6111  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6112      (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6113       ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6114  proof (rule "→I")
6115    AOT_assume A: z([F]z  z [F]z & ψ]z)
6116    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6117              ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6118    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
6119          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
6120          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6121      AOT_modally_strict {
6122        AOT_assume z ([F]z  z [F]z & ψ]z)
6123        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6124          using "∀E" by blast
6125        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6126        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6127          using "∀E" by blast
6128        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6129          using "≡E" 1 2 by meson
6130        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6131          by (rule GEN)
6132      }
6133    next
6134      AOT_modally_strict {
6135        AOT_assume z ([F]z  z [F]z & ψ]z)
6136        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6137          using "∀E" by blast
6138        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6139        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6140          using "∀E" by blast
6141        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6142          using 1 2 "≡E" by meson
6143        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6144          by (rule GEN)
6145      }
6146    qed(auto simp: A)
6147  qed
6148
6149  AOT_obtain p1 where p1_prop: p1 & ¬p1
6150    using "cont-tf-thm:1" "∃E"[rotated]
6151          "cont-tf:1"[THEN "≡dfE"] by blast
6152  {
6153    AOT_assume 1: x([F]x  z [F]z & p1]x)
6154    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6155      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6156    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6157      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6158    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6159      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6160    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) &
6161               ¬x([F]x  z [F]z & p1  ¬p1]x)
6162      using 2 "&I" by blast
6163    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6164      by (rule "∃I"(1)) "cqt:2[lambda]"
6165  }
6166  moreover {
6167    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6168    AOT_hence ¬x([F]x  z [F]z & p1]x)
6169      using "KBasic:11"[THEN "≡E"(1)] by blast
6170    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
6171      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
6172    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6173      by (rule "∃I"(1)) "cqt:2[lambda]"
6174  }
6175  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6176    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6177qed
6178
6179AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6180proof(rule GEN)
6181  fix F
6182  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6183  proof(rule "RM◇"; rule "→I"; rule GEN)
6184    AOT_modally_strict {
6185    fix x
6186    AOT_assume 0: ψ
6187    AOT_have z [F]z & ψ]x  [F]x & ψ
6188      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6189    also AOT_have ...  [F]x
6190      apply (rule "≡I"; rule "→I")
6191      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6192       apply blast
6193      using 0 "&I" by blast
6194    finally AOT_show [F]x  z [F]z & ψ]x
6195      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6196    }
6197  qed
6198
6199  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6200  proof (rule "RM◇"; rule "→I"; rule GEN)
6201    AOT_modally_strict {
6202      fix x
6203      AOT_assume 0: ψ
6204      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6205        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6206      also AOT_have ...  [F]x
6207        apply (rule "≡I"; rule "→I")
6208        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6209         apply blast
6210        apply (rule "∨I"(1)) using 0 "&I" by blast
6211      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6212        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6213    }
6214  qed
6215
6216  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6217  proof(rule "→I"; rule "raa-cor:2")
6218  AOT_modally_strict {
6219      AOT_assume 0: ¬ψ
6220      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6221      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6222        using "∀E" by blast
6223      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6224          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6225      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6226        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6227      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6228        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6229      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6230        using 0 "∨I" by blast
6231      ultimately AOT_have ψ using "≡E" "&E" by metis
6232      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6233    }
6234  qed
6235
6236  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6237    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6238     ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6239  proof (rule "→I"; rule "≡I";
6240         (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6241    AOT_modally_strict {
6242      AOT_assume z ([F]z  z [F]z & ψ]z)
6243      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6244        using "∀E" by blast
6245      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6246      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6247        using "∀E" by blast
6248      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6249        using "≡E" 1 2 by meson
6250      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6251        by (rule GEN)
6252    }
6253  next
6254    AOT_modally_strict {
6255      AOT_assume z ([F]z  z [F]z & ψ]z)
6256      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6257        using "∀E" by blast
6258      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6259      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6260        using "∀E" by blast
6261      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6262        using 1 2 "≡E" by meson
6263      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6264        by (rule GEN)
6265    }
6266  qed
6267
6268  AOT_obtain p1 where p1_prop: ¬p1 & p1
6269    using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
6270  {
6271    AOT_assume 1: x([F]x  z [F]z & p1]x)
6272    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6273      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6274    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6275      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6276    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6277      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6278    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) &
6279               x([F]x  z [F]z & p1  ¬p1]x)
6280      using 2 "&I" by blast
6281    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6282      by (rule "∃I"(1)) "cqt:2[lambda]"
6283  }
6284  moreover {
6285    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6286    AOT_hence ¬x([F]x  z [F]z & p1]x)
6287      using "KBasic:11"[THEN "≡E"(1)] by blast
6288    AOT_hence ¬x ([F]x  z [F]z & p1]x) &
6289               x([F]x  z [F]z & p1]x)
6290      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
6291    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6292      by (rule "∃I"(1)) "cqt:2[lambda]"
6293  }
6294  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6295    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6296qed
6297
6298AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6299proof(rule GEN)
6300  fix F
6301  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6302  proof(rule "RM◇"; rule "→I"; rule GEN)
6303    AOT_modally_strict {
6304    fix x
6305    AOT_assume 0: ψ
6306    AOT_have z [F]z & ψ]x  [F]x & ψ
6307      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6308    also AOT_have ...  [F]x
6309      apply (rule "≡I"; rule "→I")
6310      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6311       apply blast
6312      using 0 "&I" by blast
6313    finally AOT_show [F]x  z [F]z & ψ]x
6314      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6315    }
6316  qed
6317
6318  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6319  proof (rule "RM◇"; rule "→I"; rule GEN)
6320    AOT_modally_strict {
6321      fix x
6322      AOT_assume 0: ψ
6323      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6324        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6325      also AOT_have ...  [F]x
6326        apply (rule "≡I"; rule "→I")
6327        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6328         apply blast
6329        apply (rule "∨I"(1)) using 0 "&I" by blast
6330      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6331        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6332    }
6333  qed
6334
6335  AOT_have Aux_C:
6336     𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6337  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
6338  AOT_modally_strict {
6339      AOT_assume 0: ¬ψ
6340      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6341      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6342        using "∀E" by blast
6343      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6344          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6345      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6346        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6347      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6348        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6349      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6350        using 0 "∨I" by blast
6351      ultimately AOT_have ψ using "≡E" "&E" by metis
6352      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6353    }
6354  qed
6355
6356  AOT_have (z ([F]z  z [F]z & ψ]z) 
6357    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6358     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6359  proof (rule RN; rule "→I")
6360    AOT_modally_strict {
6361        AOT_assume z ([F]z  z [F]z & ψ]z)
6362        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6363                  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6364          apply -
6365        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6366          AOT_assume z ([F]z  z [F]z & ψ]z)
6367          AOT_hence 1: [F]z  z [F]z & ψ]z for z
6368            using "∀E" by blast
6369          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6370          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6371            using "∀E" by blast
6372          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6373            using "≡E" 1 2 by meson
6374          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6375            by (rule GEN)
6376        next
6377            AOT_assume z ([F]z  z [F]z & ψ]z)
6378            AOT_hence 1: [F]z  z [F]z & ψ]z for z
6379              using "∀E" by blast
6380            AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6381            AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6382              using "∀E" by blast
6383            AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6384              using 1 2 "≡E" by meson
6385            AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6386              by (rule GEN)
6387        qed
6388    }
6389  qed
6390  AOT_hence 𝒜(z ([F]z  z [F]z & ψ]z) 
6391    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6392     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6393    using "nec-imp-act"[THEN "→E"] by blast
6394  AOT_hence 𝒜z ([F]z  z [F]z & ψ]z) 
6395    𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6396    ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6397    using "act-cond"[THEN "→E"] by blast
6398  AOT_hence Aux_D: 𝒜z ([F]z  z [F]z & ψ]z) 
6399    (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6400     𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6401    by (auto intro!: "→I" "Act-Basic:5"[THEN "≡E"(1)] dest!: "→E")
6402
6403  AOT_have ¬𝒜q0
6404    apply (rule "=dfI"(2)[OF q0_def])
6405     apply (fact "log-prop-prop:2")
6406    by (fact AOT)
6407  AOT_hence q0_prop_1: 𝒜¬q0
6408    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6409  {
6410    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
6411    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
6412      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
6413    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
6414      using Aux_C[THEN "→E", OF q0_prop_1].
6415    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
6416      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6417    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) &
6418               x([F]x  z [F]z & q0  ¬q0]x)
6419      using 2 "&I" by blast
6420    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6421      by (rule "∃I"(1)) "cqt:2[lambda]"
6422  }
6423  moreover {
6424    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
6425    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
6426      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6427    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
6428      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
6429    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6430      by (rule "∃I"(1)) "cqt:2[lambda]"
6431  }
6432  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6433    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6434qed
6435
6436AOT_theorem "oa-contingent:1": O!  A!
6437proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6438  fix x
6439  AOT_assume 1: O! = A!
6440  AOT_hence x E!x] = A!
6441    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6442  AOT_hence x E!x] = x ¬E!x]
6443    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6444  moreover AOT_have x E!x]x  E!x
6445    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6446  ultimately AOT_have x ¬E!x]x  E!x
6447    using "rule=E" by fast
6448  moreover AOT_have x ¬E!x]x  ¬E!x
6449    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6450  ultimately AOT_have E!x  ¬E!x
6451    using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
6452  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)"
6453    using "oth-class-taut:3:c" "&I" by blast
6454qed
6455
6456AOT_theorem "oa-contingent:2": O!x  ¬A!x
6457proof -
6458  AOT_have O!x  x E!x]x
6459    apply (rule "≡I"; rule "→I")
6460     apply (rule "=dfE"(2)[OF AOT_ordinary])
6461      apply "cqt:2[lambda]"
6462     apply argo
6463    apply (rule  "=dfI"(2)[OF AOT_ordinary])
6464     apply "cqt:2[lambda]"
6465    by argo
6466  also AOT_have   E!x
6467    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6468  also AOT_have   ¬¬E!x
6469    using "oth-class-taut:3:b".
6470  also AOT_have   ¬x ¬E!x]x
6471    by (rule "beta-C-meta"[THEN "→E",
6472              THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6473       "cqt:2"
6474  also AOT_have   ¬A!x
6475    apply (rule "≡I"; rule "→I")
6476     apply (rule "=dfI"(2)[OF AOT_abstract])
6477      apply "cqt:2[lambda]"
6478     apply argo
6479    apply (rule "=dfE"(2)[OF AOT_abstract])
6480     apply "cqt:2[lambda]"
6481    by argo
6482  finally show ?thesis.
6483qed
6484
6485AOT_theorem "oa-contingent:3": A!x  ¬O!x
6486  by (AOT_subst A!x ¬¬A!x)
6487     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN
6488         "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6489
6490AOT_theorem "oa-contingent:4": Contingent(O!)
6491proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)];
6492       rule "&I")
6493  AOT_have x E!x using "thm-cont-e:3" .
6494  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6495  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6496  AOT_hence x E!x]a
6497    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2"
6498  AOT_hence O!a
6499    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
6500  AOT_hence x O!x using "∃I" by blast
6501  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
6502next
6503  AOT_obtain a where A!a
6504    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6505  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
6506  AOT_hence x ¬O!x using "∃I" by fast
6507  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
6508qed
6509
6510AOT_theorem "oa-contingent:5": Contingent(A!)
6511proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)];
6512       rule "&I")
6513  AOT_obtain a where A!a
6514    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6515  AOT_hence x A!x using "∃I" by fast
6516  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
6517next
6518  AOT_have x E!x using "thm-cont-e:3" .
6519  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6520  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6521  AOT_hence x E!x]a
6522    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
6523  AOT_hence O!a
6524    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6525  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
6526  AOT_hence x ¬A!x using "∃I" by fast
6527  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
6528qed
6529
6530AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
6531proof -
6532  AOT_have O!x  ¬A!x
6533    using "oa-contingent:2" by blast
6534  also AOT_have   A!-x
6535    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
6536  finally AOT_have 1: O!x  A!-x.
6537
6538  AOT_have A!x  ¬O!x
6539    using "oa-contingent:3" by blast
6540  also AOT_have   O!-x
6541    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
6542  finally AOT_have 2: A!x  O!-x.
6543
6544  AOT_show O!-x  ¬A!-x
6545    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
6546          "oa-contingent:3"[of _ x] 2[symmetric]
6547          "≡E"(5) by blast
6548qed
6549
6550AOT_theorem "oa-contingent:6": O!-  A!-
6551proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6552  AOT_assume 1: O!- = A!-
6553  fix x
6554  AOT_have A!-x  O!-x
6555    apply (rule "rule=E"[rotated, OF 1])
6556    by (fact "oth-class-taut:3:a")
6557  AOT_hence A!-x  ¬A!-x
6558    using "oa-contingent:7" "≡E" by fast
6559  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x)
6560    using "oth-class-taut:3:c" "&I" by blast
6561qed
6562
6563AOT_theorem "oa-contingent:8": Contingent(O!-)
6564  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1),
6565          OF "oa-contingent:4"].
6566
6567AOT_theorem "oa-contingent:9": Contingent(A!-)
6568  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1),
6569          OF "oa-contingent:5"].
6570
6571AOT_define WeaklyContingent :: ‹Π  φ› (WeaklyContingent'(_'))
6572  "df-cont-nec":
6573  WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)
6574
6575AOT_theorem "cont-nec-fact1:1":
6576  WeaklyContingent([F])  WeaklyContingent([F]-)
6577proof -
6578  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
6579    using "df-cont-nec"[THEN "≡Df"] by blast
6580  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
6581    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
6582    using "thm-cont-prop:3".
6583  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
6584  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)];
6585         rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
6586    fix x
6587    AOT_assume 0: x ([F]x  [F]x)
6588    AOT_assume 1: [F]-x
6589    AOT_have ¬[F]x
6590      by (AOT_subst (reverse) ¬[F]x [F]-x)
6591         (auto simp add: "thm-relation-negation:1" 1)
6592    AOT_hence 2: ¬[F]x
6593      using "KBasic:11"[THEN "≡E"(2)] by blast
6594    AOT_show [F]-x
6595    proof (rule "raa-cor:1")
6596      AOT_assume 3: ¬[F]-x
6597      AOT_have ¬¬[F]x
6598        by (AOT_subst (reverse) ¬[F]x [F]-x)
6599           (auto simp add: "thm-relation-negation:1" 3)
6600      AOT_hence [F]x
6601        using "conventions:5"[THEN "≡dfI"] by simp
6602      AOT_hence [F]x using 0 "∀E" "→E" by fast
6603      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
6604    qed
6605  next
6606    fix x
6607    AOT_assume 0: x ([F]-x  [F]-x)
6608    AOT_assume 1: [F]x
6609    AOT_have ¬[F]-x
6610      by (AOT_subst ¬[F]-x [F]x)
6611         (auto simp: "thm-relation-negation:2" 1)
6612    AOT_hence 2: ¬[F]-x
6613      using "KBasic:11"[THEN "≡E"(2)] by blast
6614    AOT_show [F]x
6615    proof (rule "raa-cor:1")
6616      AOT_assume 3: ¬[F]x
6617      AOT_have ¬¬[F]-x
6618        by (AOT_subst ¬[F]-x [F]x)
6619           (auto simp add: "thm-relation-negation:2" 3)
6620      AOT_hence [F]-x
6621        using "conventions:5"[THEN "≡dfI"] by simp
6622      AOT_hence [F]-x using 0 "∀E" "→E" by fast
6623      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
6624    qed
6625  qed
6626  also AOT_have   WeaklyContingent([F]-)
6627    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
6628  finally show ?thesis.
6629qed
6630
6631AOT_theorem "cont-nec-fact1:2":
6632  (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
6633proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6634  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
6635  AOT_hence WeaklyContingent([F]) using "&E" by blast
6636  moreover AOT_assume F = G
6637  ultimately AOT_have WeaklyContingent([G])
6638    using "rule=E" by blast
6639  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
6640    using 1 "&I" "&E" by blast
6641qed
6642
6643AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
6644proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6645  AOT_show Contingent(O!)
6646    using "oa-contingent:4".
6647next
6648  AOT_show x ([O!]x  [O!]x)
6649    apply (rule GEN; rule "→I")
6650    using "oa-facts:5"[THEN "≡E"(1)] by blast
6651qed
6652
6653
6654AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
6655proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6656  AOT_show Contingent(A!)
6657    using "oa-contingent:5".
6658next
6659  AOT_show x ([A!]x  [A!]x)
6660    apply (rule GEN; rule "→I")
6661    using "oa-facts:6"[THEN "≡E"(1)] by blast
6662qed
6663
6664AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
6665proof (rule "df-cont-nec"[THEN "≡Df",
6666                          THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6667                          THEN "≡E"(2)];
6668       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
6669  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
6670  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
6671  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
6672  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
6673  moreover AOT_assume x ([E!]x  [E!]x)
6674  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
6675  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
6676  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
6677  moreover AOT_have ¬𝒜E!a
6678    using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
6679  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
6680  AOT_thus p & ¬p for p using "raa-cor:1" by blast
6681qed
6682
6683AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
6684  apply (rule "df-cont-nec"[THEN "≡Df",
6685                            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6686                            THEN "≡E"(2)];
6687       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
6688  apply (rule "contingent-properties:4"
6689                [THEN "≡Df",
6690                 THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6691                 THEN "≡E"(2)])
6692  apply (rule DeMorgan(1)[THEN "≡E"(2)];
6693         rule "∨I"(2);
6694         rule "useful-tautologies:2"[THEN "→E"])
6695  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
6696
6697(* TODO: cleanup *)
6698AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
6699proof -
6700  AOT_have 1: L
6701    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6702  {
6703    fix φ and Π Π' :: <κ>
6704    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6705    proof (rule "raa-cor:2")
6706      AOT_assume φ{Π'}  φ{Π}
6707      AOT_hence φ{Π'} using that(1) "≡E" by blast
6708      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6709    qed
6710    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6711      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6712                                 OF that(1,2), OF A[OF that(3, 4)]].
6713  } note 0 = this
6714  show ?thesis
6715    apply(safe intro!: "&I"; rule 0)
6716    using "cqt:2[concrete]"[axiom_inst] apply blast
6717    using "oa-exist:1" apply blast
6718    using "cont-nec-fact2:3" apply fast
6719    apply (rule "useful-tautologies:2"[THEN "→E"])
6720    using "cont-nec-fact2:1" apply fast
6721    using "rel-neg-T:3" apply fast
6722    using "oa-exist:1" apply blast
6723    using "cont-nec-fact1:1"[unvarify F,
6724            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6725            THEN "≡E"(1), rotated, OF "cont-nec-fact2:3",
6726            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6727    apply (rule "useful-tautologies:2"[THEN "→E"])
6728    using "cont-nec-fact2:1" apply blast
6729    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6730    using "oa-exist:1" apply fast
6731    using "cont-nec-fact2:4" apply fast
6732    apply (rule "useful-tautologies:2"[THEN "→E"])
6733    using "cont-nec-fact2:1" apply fast
6734    using "rel-neg-T:3" apply fast
6735    using "oa-exist:1" apply fast
6736     apply (rule "cont-nec-fact1:1"[unvarify F,
6737                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6738                    THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6739    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6740    apply (rule "useful-tautologies:2"[THEN "→E"])
6741    using "cont-nec-fact2:1" by blast
6742qed
6743
6744(* TODO: cleanup together with above *)
6745AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
6746proof -
6747  AOT_have 1: L
6748    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6749  {
6750    fix φ and Π Π' :: <κ>
6751    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6752    proof (rule "raa-cor:2")
6753      AOT_assume φ{Π'}  φ{Π}
6754      AOT_hence φ{Π'} using that(1) "≡E" by blast
6755      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6756    qed
6757    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6758      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6759              OF that(1,2), OF A[OF that(3, 4)]].
6760  } note 0 = this
6761  show ?thesis
6762    apply(safe intro!: "&I"; rule 0)
6763    using "cqt:2[concrete]"[axiom_inst] apply blast
6764    using "oa-exist:2" apply blast
6765    using "cont-nec-fact2:3" apply fast
6766    apply (rule "useful-tautologies:2"[THEN "→E"])
6767    using "cont-nec-fact2:2" apply fast
6768    using "rel-neg-T:3" apply fast
6769    using "oa-exist:2" apply blast
6770    using "cont-nec-fact1:1"[unvarify F,
6771            THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1),
6772            rotated, OF "cont-nec-fact2:3",
6773            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6774    apply (rule "useful-tautologies:2"[THEN "→E"])
6775    using "cont-nec-fact2:2" apply blast
6776    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6777    using "oa-exist:2" apply fast
6778    using "cont-nec-fact2:4" apply fast
6779    apply (rule "useful-tautologies:2"[THEN "→E"])
6780    using "cont-nec-fact2:2" apply fast
6781    using "rel-neg-T:3" apply fast
6782    using "oa-exist:2" apply fast
6783     apply (rule "cont-nec-fact1:1"[unvarify F,
6784              THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6785              THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6786     apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6787    apply (rule "useful-tautologies:2"[THEN "→E"])
6788    using "cont-nec-fact2:2" by blast
6789qed
6790
6791AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
6792  Δp df p  (¬𝒜p & p)
6793
6794AOT_theorem sixteen:
6795 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
6796  «F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 &
6797    F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 &
6798    F1  F14 & F1  F15 & F1  F16 &
6799  F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 &
6800    F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 &
6801    F2  F15 & F2  F16 &
6802  F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 &
6803    F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
6804  F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 &
6805    F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
6806  F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 &
6807    F5  F13 & F5  F14 & F5  F15 & F5  F16 &
6808  F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 &
6809    F6  F14 & F6  F15 & F6  F16 &
6810  F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 &
6811    F7  F15 & F7  F16 &
6812  F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 &
6813    F8  F16 &
6814  F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
6815  F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
6816  F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
6817  F12  F13 & F12  F14 & F12  F15 & F12  F16 &
6818  F13  F14 & F13  F15 & F13  F16 &
6819  F14  F15 & F14  F16 &
6820  F15  F16) 
6821proof -
6822  AOT_have Delta_pos: Δφ  φ for φ
6823  proof(rule "→I")
6824    AOT_assume Δφ
6825    AOT_hence φ  (¬𝒜φ & φ)
6826      using "≡dfE"[OF necessary_or_contingently_false] by blast
6827    moreover {
6828      AOT_assume φ
6829      AOT_hence φ
6830        by (metis "B◇" "T◇" "vdash-properties:10")
6831    }
6832    moreover {
6833      AOT_assume ¬𝒜φ & φ
6834      AOT_hence φ
6835        using "&E" by blast
6836    }
6837    ultimately AOT_show φ
6838      by (metis "∨E"(2) "raa-cor:1") 
6839  qed
6840
6841  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6842    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false
6843          "raa-cor:3" that(1,2) by blast
6844  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6845    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1,2) by blast
6846  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
6847    using Delta_pos "modus-tollens:1" that by blast
6848  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
6849    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1,2))
6850  AOT_have nec_delta: Δφ if φ for φ
6851    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
6852
6853  AOT_obtain a where a_prop: A!a
6854    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6855  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
6856    using "pos-not-pna:3" using "∃E"[rotated] by blast
6857
6858  AOT_have b_ord: [O!]b
6859  proof(rule "=dfI"(2)[OF AOT_ordinary])
6860    AOT_show x [E!]x] by "cqt:2[lambda]"
6861  next
6862    AOT_show x [E!]x]b
6863    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
6864      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
6865      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
6866    qed
6867  qed
6868
6869  AOT_have nec_not_L_neg: ¬[L-]x for x
6870    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
6871          CBF[THEN "→E"] "∀E" by blast
6872  AOT_have nec_L: [L]x for x
6873    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
6874      CBF[THEN "→E"] "∀E" by blast
6875
6876  AOT_have act_ord_b: 𝒜[O!]b
6877    using b_ord "≡E"(1) "oa-facts:7" by blast
6878  AOT_have delta_ord_b: Δ[O!]b
6879    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false
6880              "oa-facts:1" "→E")
6881  AOT_have not_act_ord_a: ¬𝒜[O!]a
6882    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
6883  AOT_have not_delta_ord_a: ¬Δ[O!]a
6884    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7"
6885              "reductio-aa:1" "→E")
6886
6887  AOT_have not_act_abs_b: ¬𝒜[A!]b
6888    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
6889  AOT_have not_delta_abs_b: ¬Δ[A!]b
6890  proof(rule "raa-cor:2")
6891    AOT_assume Δ[A!]b
6892    AOT_hence [A!]b
6893      by (metis Delta_pos "vdash-properties:10")
6894    AOT_thus [A!]b & ¬[A!]b
6895      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2"
6896                "oa-facts:4" "→E")
6897  qed
6898  AOT_have act_abs_a: 𝒜[A!]a
6899    using a_prop "≡E"(1) "oa-facts:8" by blast
6900  AOT_have delta_abs_a: Δ[A!]a
6901    by (metis "≡dfI" a_prop "oa-facts:2" "→E" "∨I"(1)
6902              necessary_or_contingently_false)
6903
6904  AOT_have not_act_concrete_b: ¬𝒜[E!]b
6905    using b_prop "&E"(2) by blast
6906  AOT_have delta_concrete_b: Δ[E!]b
6907  proof (rule "≡dfI"[OF necessary_or_contingently_false];
6908         rule "∨I"(2); rule "&I")
6909    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
6910  next
6911    AOT_show [E!]b using b_prop "&E"(1) by blast
6912  qed
6913  AOT_have not_act_concrete_a: ¬𝒜[E!]a
6914  proof (rule "raa-cor:2")
6915    AOT_assume 𝒜[E!]a
6916    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "→E")
6917    AOT_have [A!]a by (simp add: a_prop)
6918    AOT_hence x ¬[E!]x]a
6919      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2"
6920    AOT_hence ¬[E!]a using "β→C"(1) by blast
6921    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6922  qed
6923  AOT_have not_delta_concrete_a: ¬Δ[E!]a
6924  proof (rule "raa-cor:2")
6925    AOT_assume Δ[E!]a
6926    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
6927    AOT_have [A!]a by (simp add: a_prop)
6928    AOT_hence x ¬[E!]x]a
6929      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6930    AOT_hence ¬[E!]a using "β→C"(1) by blast
6931    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6932  qed
6933
6934  AOT_have not_act_q_zero: ¬𝒜q0
6935    by (meson "log-prop-prop:2" "pos-not-pna:1"
6936              q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
6937  AOT_have delta_q_zero: Δq0
6938  proof(rule "≡dfI"[OF necessary_or_contingently_false];
6939        rule "∨I"(2); rule "&I")
6940    AOT_show ¬𝒜q0 using not_act_q_zero.
6941    AOT_show q0 by (meson "&E"(1) q0_prop)
6942  qed
6943  AOT_have act_not_q_zero: 𝒜¬q0
6944    using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
6945  AOT_have not_delta_not_q_zero: ¬Δ¬q0
6946    using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
6947          "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
6948
6949  AOT_have [L-] by (simp add: "rel-neg-T:3")
6950  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
6951  proof (safe intro!: "&I")
6952    AOT_show ¬𝒜[L-]b
6953      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act"
6954                nec_not_L_neg "→E")
6955    AOT_show ¬Δ[L-]b
6956      by (meson Delta_pos "KBasic2:1" "≡E"(1)
6957                "modus-tollens:1" nec_not_L_neg)
6958    AOT_show ¬𝒜[L-]a
6959      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst]
6960                "nec-imp-act" nec_not_L_neg "→E")
6961    AOT_show ¬Δ[L-]a
6962      using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1"
6963            nec_not_L_neg by blast
6964  qed
6965  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
6966    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6967  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
6968    using "&E" by blast+
6969  note props = this
6970
6971  let  = "«y [A!]y & q0]»"
6972  AOT_modally_strict {
6973    AOT_have [«»] by "cqt:2[lambda]"
6974  } note 1 = this
6975  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6976  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
6977    AOT_show ¬𝒜([A!]b & q0)
6978      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
6979  next AOT_show ¬Δ([A!]b & q0)
6980      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b
6981                "oa-facts:4" "oa-facts:8" "raa-cor:3" "→E")
6982  next AOT_show ¬𝒜([A!]a & q0)
6983      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero
6984            "raa-cor:3" by blast
6985  next AOT_show Δ([A!]a & q0)
6986    proof (rule not_act_and_pos_delta)
6987      AOT_show ¬𝒜([A!]a & q0)
6988        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero
6989              "raa-cor:3" by blast
6990    next AOT_show ([A!]a & q0)
6991        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a
6992                  "≡E"(1) "oa-facts:6" q0_prop)
6993    qed
6994  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6995  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
6996    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6997  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
6998    using "&E" by blast+
6999  note props = props this
7000
7001  let  = "«y [A!]y & ¬q0]»"
7002  AOT_modally_strict {
7003    AOT_have [«»] by "cqt:2[lambda]"
7004  } note 1 = this
7005  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7006  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
7007    AOT_show ¬𝒜([A!]b & ¬q0)
7008      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7009  next AOT_show ¬Δ([A!]b & ¬q0)
7010      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4)
7011                "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
7012  next AOT_show 𝒜([A!]a & ¬q0)
7013      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7014                "≡E"(3) not_act_q_zero "raa-cor:3")
7015  next AOT_show ¬Δ([A!]a & ¬q0)
7016    proof (rule act_and_not_nec_not_delta)
7017      AOT_show 𝒜([A!]a & ¬q0)
7018        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7019                  "≡E"(3) not_act_q_zero "raa-cor:3")
7020    next
7021      AOT_show ¬([A!]a & ¬q0)
7022        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4)
7023                  q0_prop "raa-cor:3")
7024    qed
7025  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7026  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
7027    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7028  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
7029    using "&E" by blast+
7030  note props = props this
7031
7032  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
7033    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b
7034    by presburger
7035  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
7036    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
7037  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
7038    using "&E" by blast+
7039  note props = props this
7040
7041  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
7042    by (meson "&I" delta_concrete_b not_act_concrete_a
7043              not_act_concrete_b not_delta_concrete_a)
7044  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
7045    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7046    by fastforce
7047  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
7048    using "&E" by blast+
7049  note props = props this
7050
7051  AOT_modally_strict {
7052    AOT_have y q0] by "cqt:2[lambda]"
7053  } note 1 = this
7054  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
7055    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
7056       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
7057  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
7058    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7059    by fastforce
7060  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
7061    using "&E" by blast+
7062  note props = props this
7063
7064  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
7065  AOT_modally_strict {
7066    AOT_have [«»] by "cqt:2[lambda]"
7067  } note 1 = this
7068  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7069  proof(safe intro!: "&I";
7070        AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
7071    AOT_have 𝒜¬([A!]b & ¬q0)
7072      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
7073                "≡E"(1) "raa-cor:3")
7074    moreover AOT_have ¬𝒜[E!]b
7075      using b_prop "&E"(2) by blast
7076    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
7077      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
7078    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
7079      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
7080         (auto simp: "oth-class-taut:5:d" 2)
7081    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
7082      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
7083  next
7084    AOT_show Δ([E!]b  ([A!]b & ¬q0))
7085    proof (rule not_act_and_pos_delta)
7086      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
7087        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "raa-cor:3"
7088                  "Conjunction Simplification"(1) "≡E"(4)
7089                  "modus-tollens:1" not_act_abs_b not_act_concrete_b)
7090    next
7091      AOT_show ([E!]b  ([A!]b & ¬q0))
7092        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
7093    qed
7094  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7095      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7096                "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7097  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
7098    proof (rule act_and_not_nec_not_delta)
7099      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7100        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7101                  "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7102    next
7103      AOT_have ¬[E!]a
7104        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2)
7105                  necessary_or_contingently_false
7106                  not_act_concrete_a not_delta_concrete_a "raa-cor:3")
7107      moreover AOT_have ¬([A!]a & ¬q0)
7108        by (metis "KBasic2:1" "KBasic:11" "KBasic:3"
7109                  "&E"(1,2) "≡E"(1) q0_prop "raa-cor:3")
7110      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0))
7111        by (metis "KBasic:16" "&I" "vdash-properties:10")
7112      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
7113        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
7114      AOT_thus ¬([E!]a  ([A!]a & ¬q0))
7115        by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
7116    qed
7117  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7118  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
7119    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7120  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
7121    using "&E" by blast+
7122  note props = props this
7123
7124  let  = "«y [A!]y  [E!]y]»"
7125  AOT_modally_strict {
7126    AOT_have [«»] by "cqt:2[lambda]"
7127  } note 1 = this
7128  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
7129  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
7130    AOT_show ¬𝒜([A!]b  [E!]b)
7131      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7132            not_act_concrete_b "raa-cor:3" by blast
7133  next AOT_show Δ([A!]b  [E!]b)
7134    proof (rule not_act_and_pos_delta)
7135      AOT_show ¬𝒜([A!]b  [E!]b)
7136        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7137              not_act_concrete_b "raa-cor:3" by blast
7138    next AOT_show ([A!]b  [E!]b)
7139        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
7140    qed
7141  next AOT_show 𝒜([A!]a  [E!]a)
7142      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
7143  next AOT_show Δ([A!]a  [E!]a)
7144    proof (rule nec_delta)
7145      AOT_show ([A!]a  [E!]a)
7146        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta
7147                  "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "→E")
7148    qed
7149  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7150  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
7151    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7152  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
7153    using "&E" by blast+
7154  note props = props this
7155
7156  let  = "«y [O!]y & ¬[E!]y]»"
7157  AOT_modally_strict {
7158    AOT_have [«»] by "cqt:2[lambda]"
7159  } note 1 = this
7160  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
7161  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
7162    AOT_show 𝒜([O!]b & ¬[E!]b)
7163      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2)
7164                "≡E"(3) not_act_concrete_b "raa-cor:3")
7165  next AOT_show ¬Δ([O!]b & ¬[E!]b)
7166      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1"
7167                act_and_not_nec_not_delta "act-conj-act:3"
7168                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2)
7169                "df-rules-formulas[3]"
7170                "≡E"(3) "raa-cor:1" "→E")
7171  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
7172      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
7173  next AOT_have ¬([O!]a & ¬[E!]a)
7174      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3"
7175                "oa-facts:7" "raa-cor:3" "vdash-properties:10")
7176    AOT_thus ¬Δ([O!]a & ¬[E!]a)
7177      by (rule impossible_delta)
7178  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7179  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
7180    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7181  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
7182    using "&E" by blast+
7183  note props = props this
7184
7185  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
7186  AOT_modally_strict {
7187    AOT_have [«»] by "cqt:2[lambda]"
7188  } note 1 = this
7189  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7190  proof(safe intro!: "&I";
7191        AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
7192    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7193      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7194                "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7195  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
7196    proof (rule act_and_pos_not_not_delta)
7197      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7198        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7199                  "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7200    next
7201      AOT_show ¬(¬[E!]b & ([O!]b  q0))
7202      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
7203        AOT_modally_strict {
7204          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
7205            by (metis "&I" "&E"(1,2) "∨I"(1,2) "∨E"(2)
7206                      "→I" "≡I" "reductio-aa:1")
7207        }
7208      next
7209        AOT_show ([E!]b  ¬([O!]b  q0))
7210          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3)
7211                "raa-cor:3" by blast
7212       qed
7213     qed
7214   next
7215     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7216       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7217             not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
7218   next
7219     AOT_show Δ(¬[E!]a & ([O!]a  q0))
7220     proof (rule not_act_and_pos_delta)
7221       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7222         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7223                   not_act_ord_a not_act_q_zero "reductio-aa:2")
7224     next
7225       AOT_have ¬[E!]a
7226         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a
7227               not_delta_concrete_a "raa-cor:5" by blast
7228       moreover AOT_have ([O!]a  q0)
7229         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
7230       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
7231         by (metis "KBasic:16" "&I" "vdash-properties:10")
7232     qed
7233   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
7234  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
7235    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7236  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
7237    using "&E" by blast+
7238  note props = props this
7239
7240  AOT_modally_strict {
7241    AOT_have y ¬q0] by "cqt:2[lambda]"
7242  } note 1 = this
7243  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
7244    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
7245       (auto simp: act_not_q_zero not_delta_not_q_zero
7246                   "beta-C-meta"[THEN "→E", OF 1])
7247  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
7248    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7249  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
7250    using "&E" by blast+
7251  note props = props this
7252
7253  AOT_modally_strict {
7254    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
7255  } note 1 = this
7256  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b &
7257                     𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
7258  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
7259    AOT_show 𝒜¬[E!]b
7260      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
7261  next AOT_show ¬Δ¬[E!]b
7262      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7263            b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
7264  next AOT_show 𝒜¬[E!]a
7265      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
7266  next AOT_show Δ¬[E!]a
7267      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta
7268            not_act_concrete_a not_delta_concrete_a "reductio-aa:1"
7269      by blast
7270  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7271  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
7272    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7273  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
7274    using "&E" by blast+
7275  note props = props this
7276
7277  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
7278    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
7279  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
7280    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7281  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
7282    using "&E" by blast+
7283  note props = props this
7284
7285  let  = "«y [O!]y  q0]»"
7286  AOT_modally_strict {
7287    AOT_have [«»] by "cqt:2[lambda]"
7288  } note 1 = this
7289  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7290  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
7291    AOT_show 𝒜([O!]b  q0)
7292      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
7293  next AOT_show Δ([O!]b  q0)
7294      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7295  next AOT_show ¬𝒜([O!]a  q0)
7296      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7297            not_act_q_zero "raa-cor:3" by blast
7298  next AOT_show Δ([O!]a  q0)
7299    proof (rule not_act_and_pos_delta)
7300      AOT_show ¬𝒜([O!]a  q0)
7301        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7302              not_act_q_zero "raa-cor:3" by blast
7303    next AOT_show ([O!]a  q0)
7304        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
7305    qed
7306  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7307  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
7308    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7309  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
7310    using "&E" by blast+
7311  note props = props this
7312
7313  let  = "«y [O!]y  ¬q0]»"
7314  AOT_modally_strict {
7315     AOT_have [«»] by "cqt:2[lambda]"
7316  } note 1 = this
7317  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7318  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
7319    AOT_show 𝒜([O!]b  ¬q0)
7320      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7321  next AOT_show Δ([O!]b  ¬q0)
7322      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7323  next AOT_show 𝒜([O!]a  ¬q0)
7324      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7325  next AOT_show ¬Δ([O!]a  ¬q0)
7326    proof(rule act_and_pos_not_not_delta)
7327      AOT_show 𝒜([O!]a  ¬q0)
7328        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7329    next
7330      AOT_have ¬[O!]a
7331        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta
7332              not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
7333      moreover AOT_have q0
7334        by (meson "&E"(1) q0_prop)
7335      ultimately AOT_have 2: (¬[O!]a & q0)
7336         by (metis "KBasic:16" "&I" "vdash-properties:10")
7337      AOT_show ¬([O!]a  ¬q0)
7338      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
7339        AOT_modally_strict {
7340          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
7341            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
7342                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
7343        }
7344      next
7345        AOT_show (¬[O!]a & q0)
7346          using "2" by blast
7347      qed
7348    qed
7349  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7350  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
7351    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7352  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
7353    using "&E" by blast+
7354  note props = props this
7355
7356  AOT_have [L]
7357    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
7358  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
7359  proof (safe intro!: "&I")
7360    AOT_show 𝒜[L]b
7361      by (meson nec_L "nec-imp-act" "vdash-properties:10")
7362    next AOT_show Δ[L]b using nec_L nec_delta by blast
7363    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "→E")
7364    next AOT_show Δ[L]a using nec_L nec_delta by blast
7365  qed
7366  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
7367    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7368  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
7369    using "&E" by blast+
7370  note props = props this
7371
7372  show ?thesis
7373    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1];
7374        rule "∃I"(2)[where β=F2]; rule "∃I"(2)[where β=F3];
7375        rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
7376        rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7];
7377        rule "∃I"(2)[where β=F8]; rule "∃I"(2)[where β=F9];
7378        rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
7379        rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13];
7380        rule "∃I"(2)[where β=F14]; rule "∃I"(2)[where β=F15];
7381        safe intro!: "&I")
7382       (match conclusion in "[?v  [F]  [G]]" for F G  7383        match props in A: "[?v  ¬φ{F}]" for φ 7384        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 7385        match props in B: "[?v  φ{G}]" 7386        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
7387                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
7388                                OF "Disjunction Addition"(2)[THEN "→E"],
7389                                OF "&I", OF A, OF B]››››)+
7390qed
7391
7392subsection‹The Theory of Objects›
7393text‹\label{PLM: 9.11}›
7394
7395AOT_theorem "o-objects-exist:1": x O!x
7396proof(rule RN)
7397  AOT_modally_strict {
7398    AOT_obtain a where (E!a & ¬𝒜[E!]a)
7399      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]]
7400      by blast
7401    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
7402    AOT_have x [E!]x]a
7403    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7404      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
7405    next
7406      AOT_show E!a by (fact 1)
7407    qed
7408    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
7409    AOT_thus x [O!]x by (rule "∃I")
7410  }
7411qed
7412
7413AOT_theorem "o-objects-exist:2": x A!x
7414proof (rule RN)
7415  AOT_modally_strict {
7416    AOT_obtain a where [A!]a
7417      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
7418    AOT_thus x A!x using "∃I" by blast
7419  }
7420qed
7421
7422AOT_theorem "o-objects-exist:3": ¬x O!x
7423  by (rule RN)
7424     (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]"
7425        "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2"
7426        "qml:2"[axiom_inst] "reductio-aa:2")
7427
7428AOT_theorem "o-objects-exist:4": ¬x A!x
7429  by (rule RN)
7430     (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]"
7431        "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2"
7432        "qml:2"[axiom_inst] "→E")
7433
7434AOT_theorem "o-objects-exist:5": ¬x E!x
7435proof (rule RN; rule "raa-cor:2")
7436  AOT_modally_strict {
7437    AOT_assume x E!x
7438    moreover AOT_obtain a where abs: A!a
7439      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]]
7440            "∃E"[rotated] by blast
7441    ultimately AOT_have E!a using "∀E" by blast
7442    AOT_hence 1: E!a by (metis "T◇" "→E")
7443    AOT_have y E!y]a
7444    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7445      AOT_show a using "cqt:2[const_var]"[axiom_inst].
7446    next
7447      AOT_show E!a by (fact 1)
7448    qed
7449    AOT_hence O!a
7450      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
7451    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
7452    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
7453  }
7454qed
7455
7456AOT_theorem partition: ¬x (O!x & A!x)
7457proof(rule "raa-cor:2")
7458  AOT_assume x (O!x & A!x)
7459  then AOT_obtain a where O!a & A!a
7460    using "∃E"[rotated] by blast
7461  AOT_thus p & ¬p for p
7462    by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1)
7463              "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
7464qed
7465
7466AOT_define eq_E :: ‹Π› ("'(=E')")
7467  "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
7468
7469syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
7470translations
7471  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
7472(* TODO: try to replace by a simple translations pattern *)
7473print_translation7474AOT_syntax_print_translations
7475[(const_syntax‹AOT_exe›, fn ctxt => fn [
7476  Const ("constAOT_PLM.eq_E", _),
7477  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7478] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
7479
7480text‹Note: Not explicitly mentioned as theorem in PLM.›
7481AOT_theorem "=E[denotes]": [(=E)]
7482  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
7483
7484AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
7485proof -
7486  (* TODO: rethink the product hacks *)
7487  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
7488    by (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7489  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2"
7490  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
7491    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(_,_)", OF 0]
7492    by fast
7493qed
7494
7495AOT_theorem "=E-simple:2": x =E y  x = y
7496proof (rule "→I")
7497  AOT_assume x =E y
7498  AOT_hence O!x & O!y & F ([F]x  [F]y)
7499    using "=E-simple:1"[THEN "≡E"(1)] by blast
7500  AOT_thus x = y
7501    using "≡dfI"[OF "identity:1"] "∨I" by blast
7502qed
7503
7504AOT_theorem "id-nec3:1": x =E y  (x =E y)
7505proof (rule "≡I"; rule "→I")
7506  AOT_assume x =E y
7507  AOT_hence O!x & O!y & F ([F]x  [F]y)
7508    using "=E-simple:1" "≡E" by blast
7509  AOT_hence O!x & O!y & F ([F]x  [F]y)
7510    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4)
7511              "oa-facts:1" "raa-cor:3" "vdash-properties:10")
7512  AOT_hence (O!x & O!y & F ([F]x  [F]y))
7513    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
7514  AOT_thus (x =E y)
7515    using "=E-simple:1"
7516    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
7517next
7518  AOT_assume (x =E y)
7519  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
7520qed
7521
7522AOT_theorem "id-nec3:2": (x =E y)  x =E y
7523  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1,5) "Commutativity of ≡")
7524
7525AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
7526  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
7527
7528syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
7529translations
7530  (Π) "(≠E)" == (Π) "(=E)-"
7531syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
7532translations
7533 "_AOT_non_eq_E_infix κ κ'" ==
7534 "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
7535(* TODO: try replacing be a simple translations pattern *)
7536print_translation7537AOT_syntax_print_translations
7538[(const_syntax‹AOT_exe›, fn ctxt => fn [
7539  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
7540  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7541] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
7542AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
7543proof -
7544  (* TODO: try to avoid the product hacks *)
7545  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
7546    by (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7547  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2"
7548  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
7549    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
7550       (meson "oth-class-taut:3:a")
7551  also AOT_have   ¬(=E)xy
7552    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
7553     apply "cqt:2[lambda]"
7554    by (fact 0)
7555  finally show ?thesis.
7556qed
7557
7558AOT_theorem "id-nec4:1": x E y  (x E y)
7559proof -
7560  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
7561  also AOT_have   ¬(x =E y)
7562    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
7563  also AOT_have   ¬(x =E y)
7564    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
7565  also AOT_have   (x E y)
7566    by (AOT_subst (reverse) ¬(x =E y) x E y)
7567       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
7568  finally show ?thesis.
7569qed
7570
7571AOT_theorem "id-nec4:2": (x E y)  (x E y)
7572  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2,5) "Commutativity of ≡")
7573
7574AOT_theorem "id-nec4:3": (x E y)  (x E y)
7575  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
7576
7577AOT_theorem "id-act2:1": x =E y  𝒜x =E y
7578  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1,6))
7579AOT_theorem "id-act2:2": x E y  𝒜x E y
7580  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1,6))
7581
7582AOT_theorem "ord=Eequiv:1": O!x  x =E x
7583proof (rule "→I")
7584  AOT_assume 1: O!x
7585  AOT_show x =E x
7586    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
7587    apply (rule "β←C"(1))
7588      apply "cqt:2[lambda]"
7589     apply (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7590    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
7591qed
7592
7593AOT_theorem "ord=Eequiv:2": x =E y  y =E x
7594proof(rule CP)
7595  AOT_assume 1: x =E y
7596  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
7597  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
7598  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
7599  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
7600qed
7601
7602AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
7603proof (rule CP)
7604  AOT_assume 1: x =E y & y =E z
7605  AOT_hence x = y & y = z
7606    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
7607  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
7608  moreover AOT_have x =E x
7609    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1)
7610          "ord=Eequiv:1" "→E" by blast
7611  ultimately AOT_show x =E z
7612    using "rule=E" by fast
7613qed
7614
7615AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
7616proof(rule CP)
7617  AOT_assume O!x  O!y
7618  moreover {
7619    AOT_assume O!x
7620    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
7621    moreover {
7622      AOT_modally_strict {
7623        AOT_have O!x  (x = y  x =E y)
7624        proof (rule "→I"; rule "≡I"; rule "→I")
7625          AOT_assume O!x
7626          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
7627          moreover AOT_assume x = y
7628          ultimately AOT_show x =E y using "rule=E" by fast
7629        next
7630          AOT_assume x =E y
7631          AOT_thus x = y by (metis "=E-simple:2" "→E")
7632        qed
7633      }
7634      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
7635    }
7636    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7637  }
7638  moreover {
7639    AOT_assume O!y
7640    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
7641    moreover {
7642      AOT_modally_strict {
7643        AOT_have O!y  (x = y  x =E y)
7644        proof (rule "→I"; rule "≡I"; rule "→I")
7645          AOT_assume O!y
7646          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
7647          moreover AOT_assume x = y
7648          ultimately AOT_show x =E y using "rule=E" id_sym by fast
7649        next
7650          AOT_assume x =E y
7651          AOT_thus x = y by (metis "=E-simple:2" "→E")
7652        qed
7653      }
7654      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
7655    }
7656    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7657  }
7658  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
7659qed
7660
7661AOT_theorem "ord-=E=:2": O!y  x x = y]
7662proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
7663  AOT_show x x =E y] by "cqt:2[lambda]"
7664next
7665  AOT_assume O!y
7666  AOT_hence 1: (x = y  x =E y) for x
7667    using "ord-=E=:1" "→E" "∨I" by blast
7668  AOT_have (x =E y  x = y) for x
7669    by (AOT_subst x =E y  x = y x = y  x =E y)
7670       (auto simp add: "Commutativity of ≡" 1)
7671  AOT_hence x (x =E y  x = y) by (rule GEN)
7672  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
7673qed
7674
7675
7676AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
7677proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
7678  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
7679next
7680  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
7681  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
7682    AOT_modally_strict {
7683      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
7684        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
7685                  "modus-tollens:1" "raa-cor:1" that)
7686    }
7687  next
7688    AOT_modally_strict {
7689      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
7690        apply(safe intro!: "&I")
7691          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
7692         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
7693        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
7694              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]]
7695        by fast
7696    }
7697  qed
7698qed
7699
7700AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
7701proof(rule "→I")
7702  AOT_assume F ([F]x  [F]y)
7703  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
7704  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
7705    using "∀E" by blast
7706  moreover AOT_have x F ([F]x  [F]y)]y
7707    apply (rule "β←C"(1))
7708      apply "cqt:2[lambda]"
7709     apply (fact "cqt:2[const_var]"[axiom_inst])
7710    by (simp add: RN GEN "oth-class-taut:3:a")
7711  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
7712  AOT_thus F ([F]x  [F]y)
7713    using "β→C"(1) by blast
7714qed
7715
7716AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
7717proof (rule "→I"; rule "→I")
7718  AOT_assume F ([F]x  [F]y)
7719  AOT_hence F ([F]x  [F]y)
7720    using "ind-nec"[THEN "→E"] by blast
7721  moreover AOT_assume O!x & O!y
7722  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
7723    using "&I" by blast
7724  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
7725qed
7726
7727AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
7728proof (rule "→I"; rule "→I")
7729  AOT_assume O!x & O!y
7730  moreover AOT_assume F ([F]x  [F]y)
7731  ultimately AOT_have x =E y
7732    using "ord=E:1" "→E" by blast
7733  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
7734qed
7735
7736AOT_theorem "ord=E2:1": (O!x & O!y)  (x  y  z z =E x]  z z =E y])
7737proof (rule "→I"; rule "≡I"; rule "→I";
7738       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7739  AOT_assume 0: O!x & O!y
7740  AOT_assume x  y
7741  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7742  AOT_assume z z =E x] = z z =E y]
7743  moreover AOT_have z z =E x]x
7744    apply (rule "β←C"(1))
7745      apply "cqt:2[lambda]"
7746     apply (fact "cqt:2[const_var]"[axiom_inst])
7747    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
7748  ultimately AOT_have z z =E y]x using "rule=E" by fast
7749  AOT_hence x =E y using "β→C"(1) by blast
7750  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
7751  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7752next
7753  AOT_assume z z =E x]  z z =E y]
7754  AOT_hence 0: ¬(z z =E x] = z z =E y])
7755    using "≡dfE"[OF "=-infix"] by blast
7756  AOT_have z z =E x] by "cqt:2[lambda]"
7757  AOT_hence z z =E x] = z z =E x]
7758    by (metis "rule=I:1")
7759  moreover AOT_assume x = y
7760  ultimately AOT_have z z =E x] = z z =E y]
7761    using "rule=E" by fast
7762  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
7763    using 0 "&I" by blast
7764qed
7765
7766AOT_theorem "ord=E2:2": (O!x & O!y)  (x  y  z z = x]  z z = y])
7767proof (rule "→I"; rule "≡I"; rule "→I";
7768       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7769  AOT_assume 0: O!x & O!y
7770  AOT_assume x  y
7771  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7772  AOT_assume z z = x] = z z = y]
7773  moreover AOT_have z z = x]x
7774    apply (rule "β←C"(1))
7775    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7776     apply (fact "cqt:2[const_var]"[axiom_inst])
7777    by (simp add: "id-eq:1")
7778  ultimately AOT_have z z = y]x using "rule=E" by fast
7779  AOT_hence x = y using "β→C"(1) by blast
7780  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7781next
7782  AOT_assume 0: O!x & O!y
7783  AOT_assume z z = x]  z z = y]
7784  AOT_hence 1: ¬(z z = x] = z z = y])
7785    using "≡dfE"[OF "=-infix"] by blast
7786  AOT_have z z = x]
7787    by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7788  AOT_hence z z = x] = z z = x]
7789    by (metis "rule=I:1")
7790  moreover AOT_assume x = y
7791  ultimately AOT_have z z = x] = z z = y]
7792    using "rule=E" by fast
7793  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
7794    using 1 "&I" by blast
7795qed
7796
7797AOT_theorem ordnecfail: O!x  ¬F x[F]
7798  by (meson "RM:1" "→I" nocoder[axiom_inst] "oa-facts:1" "→E")
7799
7800AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
7801proof (rule "→I"; rule "→I")
7802  AOT_assume 1: A!x & A!y
7803  AOT_assume F (x[F]  y[F])
7804  AOT_hence x[F]  y[F] for F using "∀E" by blast
7805  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
7806  AOT_hence F (x[F]  y[F]) by (rule GEN)
7807  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
7808  AOT_thus x = y
7809    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
7810qed
7811
7812AOT_theorem "ab-obey:2": (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
7813proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7814  AOT_assume 1: x = y
7815  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
7816  moreover {
7817    AOT_assume F (x[F] & ¬y[F])
7818    then AOT_obtain F where x[F] & ¬y[F]
7819      using "∃E"[rotated] by blast
7820    moreover AOT_have y[F]
7821      using calculation[THEN "&E"(1)] 1 "rule=E" by fast
7822    ultimately AOT_have p & ¬p for p
7823      by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
7824  }
7825  moreover {
7826    AOT_assume F (y[F] & ¬x[F])
7827    then AOT_obtain F where y[F] & ¬x[F]
7828      using "∃E"[rotated] by blast
7829    moreover AOT_have ¬y[F]
7830      using calculation[THEN "&E"(2)] 1 "rule=E" by fast
7831    ultimately AOT_have p & ¬p for p
7832      by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
7833  }
7834  ultimately AOT_show p & ¬p for p
7835    by (metis "∨E"(3) "raa-cor:1")
7836qed
7837
7838AOT_theorem "encoders-are-abstract": F x[F]  A!x
7839  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
7840            "oa-contingent:3" "vdash-properties:1[2]")
7841
7842AOT_theorem "denote=:1": Hx x[H]
7843  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; "cqt:2")
7844
7845AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
7846  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; "cqt:2")
7847
7848AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
7849  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; "cqt:2")
7850
7851AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
7852  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; "cqt:2")
7853
7854AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
7855  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; "cqt:2")
7856
7857AOT_theorem "denote=:3": x x[Π]  H (H = Π)
7858  using "existence:2[1]" "free-thms:1" "≡E"(2,5)
7859        "Commutativity of ≡" "≡Df" by blast
7860
7861AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
7862  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
7863
7864AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
7865  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
7866
7867AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
7868  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
7869
7870AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
7871  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
7872
7873AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
7874proof (rule "uniqueness:1"[THEN "≡dfI"])
7875  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
7876    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
7877  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
7878  proof (rule "→I")
7879    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
7880    AOT_hence β[F]  φ{F} for F
7881      using "∀E" "&E" by blast
7882    AOT_hence β[F]  a[F] for F
7883      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2,5)
7884            "Commutativity of ≡" by fast
7885    AOT_hence F (β[F]  a[F]) by (rule GEN)
7886    AOT_thus β = a
7887      using "ab-obey:1"[THEN "→E",
7888                OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]],
7889                THEN "→E"] by blast
7890  qed
7891  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
7892  AOT_thus α ([A!]α & F (α[F]  φ{F}) &
7893                β ([A!]β & F (β[F]  φ{F})  β = α))
7894    using "∃I" using a_prop "&I" by fast
7895qed
7896
7897AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
7898  using "A-objects!" by fast
7899
7900AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
7901  using "A-objects!" by fast
7902
7903AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
7904  using "A-objects!" by fast
7905
7906AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
7907  using "A-objects!" by fast
7908
7909AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
7910  using "A-objects!" by fast
7911
7912AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
7913  using "A-objects!" by fast
7914
7915AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
7916  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
7917
7918AOT_act_theorem "thm-can-terms2":
7919  y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
7920  using "y-in:2" by blast
7921
7922AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
7923proof(rule "→I")
7924  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
7925  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
7926    using "actual-desc:2"[THEN "→E"] by blast
7927  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
7928  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
7929qed
7930
7931AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7932proof -
7933  AOT_have ιx(A!x & F (x[F]  φ{F}))
7934    by (simp add: "A-descriptions")
7935  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) &
7936             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7937    using "y-in:3"[THEN "→E"] by blast
7938  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7939    using "&E" "∀E" by blast
7940qed
7941
7942AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
7943  using "desc-encode:1".
7944
7945AOT_theorem "desc-nec-encode:1": ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
7946proof -
7947  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
7948    by (simp add: "A-descriptions")
7949  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) &
7950             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
7951    using "actual-desc:4"[THEN "→E"] by blast
7952  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7953    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
7954  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7955    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
7956  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7957    using "∀E" by blast
7958  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
7959    using "Act-Basic:5" "≡E"(1) by blast
7960  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
7961    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
7962qed
7963
7964AOT_theorem "desc-nec-encode:2": ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
7965  using "desc-nec-encode:1".
7966
7967AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
7968  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
7969     (meson "nec-imp-act" "vdash-properties:10")
7970
7971AOT_theorem "Box-desc-encode:2":
7972φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
7973proof(rule CP)
7974  AOT_assume φ{G}
7975  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
7976  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
7977  proof (rule RM; rule "→I")
7978    AOT_modally_strict {
7979      AOT_assume 1: φ{G}
7980      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G]
7981        using "Box-desc-encode:1" "→E" by blast
7982      moreover AOT_have φ{G}
7983        using 1 by (meson "qml:2"[axiom_inst] "→E")
7984      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
7985        using "→I" "≡I" by simp
7986    }
7987  qed
7988  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
7989    using "→E" by blast
7990qed
7991
7992definition rigid_condition where
7993  rigid_condition φ  v . [v  α (φ{α}  φ{α})]
7994syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
7995
7996AOT_theorem "strict-can:1[E]":
7997  assumes RIGID_CONDITION(φ)
7998  shows α (φ{α}  φ{α})
7999  using assms[unfolded rigid_condition_def] by auto
8000
8001AOT_theorem "strict-can:1[I]":
8002  assumes  α (φ{α}  φ{α})
8003  shows RIGID_CONDITION(φ)
8004  using assms rigid_condition_def by auto
8005
8006AOT_theorem "box-phi-a:1":
8007  assumes RIGID_CONDITION(φ)
8008  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
8009proof (rule "→I")
8010  AOT_assume a: A!x & F (x[F]  φ{F})
8011  AOT_hence b: A!x
8012    by (metis "Conjunction Simplification"(1) "oa-facts:2" "→E")
8013  AOT_have x[F]  φ{F} for F
8014    using a[THEN "&E"(2)] "∀E" by blast
8015  moreover AOT_have (x[F]  x[F]) for F
8016    by (meson "pre-en-eq:1[1]" RN)
8017  moreover AOT_have (φ{F}  φ{F}) for F
8018    using RN "strict-can:1[E]"[OF assms] "∀E" by blast
8019  ultimately AOT_have (x[F]  φ{F}) for F
8020    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
8021  AOT_hence F (x[F]  φ{F}) by (rule GEN)
8022  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
8023  AOT_thus ([A!]x & F (x[F]  φ{F}))
8024    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
8025qed
8026
8027AOT_theorem "box-phi-a:2":
8028  assumes RIGID_CONDITION(φ)
8029  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
8030proof(rule "→I")
8031  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
8032  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
8033    using "actual-desc:2"[THEN "→E"] by fast
8034  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
8035    using "Act-Basic:2" "&E" "≡E"(1) by blast+
8036  AOT_hence F 𝒜(y[F]  φ{F})
8037    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8038  AOT_hence 𝒜(y[F]  φ{F}) for F
8039    using "∀E" by blast
8040  AOT_hence 𝒜y[F]  𝒜φ{F} for F
8041    by (metis "Act-Basic:5" "≡E"(1)) 
8042  AOT_hence y[F]  φ{F} for F
8043    using "sc-eq-fur:2"[THEN "→E",
8044            OF "strict-can:1[E]"[OF assms,
8045                THEN "∀E"(2)[where β=F], THEN RN]]
8046    by (metis "en-eq:10[1]" "≡E"(6))
8047  AOT_hence F (y[F]  φ{F}) by (rule GEN)
8048  AOT_thus [A!]y & F (y[F]  φ{F})
8049    using abs "&I" "≡E"(2) "oa-facts:8" by blast
8050qed
8051
8052AOT_theorem "box-phi-a:3":
8053  assumes RIGID_CONDITION(φ)
8054  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8055  using "desc-nec-encode:2"
8056    "sc-eq-fur:2"[THEN "→E",
8057        OF "strict-can:1[E]"[OF assms,
8058          THEN "∀E"(2)[where β=F], THEN RN]]
8059    "≡E"(5) by blast
8060
8061AOT_define Null :: ‹τ  φ› ("Null'(_')") 
8062  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
8063
8064AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
8065  "df-null-uni:2": Universal(x) df A!x & F x[F]
8066
8067AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
8068proof (rule "uniqueness:1"[THEN "≡dfI"])
8069  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
8070    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8071  AOT_have a_null: ¬a[F] for F
8072  proof (rule "raa-cor:2")
8073    AOT_assume a[F]
8074    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
8075    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
8076    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
8077  qed
8078  AOT_have Null(a) & β (Null(β)  β = a)
8079  proof (rule "&I")
8080    AOT_have ¬F a[F]
8081      using a_null by (metis "instantiation" "reductio-aa:1")
8082    AOT_thus Null(a)
8083      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
8084  next
8085    AOT_show β (Null(β)  β = a)
8086    proof (rule GEN; rule "→I")
8087      fix β
8088      AOT_assume a: Null(β)
8089      AOT_hence ¬F β[F]
8090        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8091      AOT_hence β_null: ¬β[F] for F
8092        by (metis "existential:2[const_var]" "reductio-aa:1")
8093      AOT_have F (β[F]  a[F])
8094        apply (rule GEN; rule "≡I"; rule CP)
8095        using "raa-cor:3" β_null a_null by blast+
8096      moreover AOT_have A!β
8097        using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8098      ultimately AOT_show β = a
8099        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8100              "&I" by blast
8101    qed
8102  qed
8103  AOT_thus α (Null(α) & β (Null(β)  β = α))
8104    using "∃I"(2) by fast
8105qed
8106
8107AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
8108proof (rule "uniqueness:1"[THEN "≡dfI"])
8109  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
8110    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8111  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
8112  AOT_hence Universal(a)
8113    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
8114  moreover AOT_have β (Universal(β)  β = a)
8115  proof (rule GEN; rule "→I")
8116    fix β
8117    AOT_assume Universal(β)
8118    AOT_hence abs_β: A!β and β[F] for F
8119      using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
8120    AOT_hence β[F]  a[F] for F
8121      using aF by (metis "deduction-theorem" "≡I")
8122    AOT_hence F (β[F]  a[F]) by (rule GEN)
8123    AOT_thus β = a
8124      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8125            "&I" abs_β by blast
8126  qed
8127  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
8128    using "&I" "∃I" by fast
8129qed
8130
8131AOT_theorem "null-uni-uniq:3": ιx Null(x)
8132  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
8133
8134AOT_theorem "null-uni-uniq:4": ιx Universal(x)
8135  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
8136
8137AOT_define Null_object :: ‹κs (a)
8138  "df-null-uni-terms:1": a =df ιx Null(x)
8139
8140AOT_define Universal_object :: ‹κs (aV)
8141  "df-null-uni-terms:2": aV =df ιx Universal(x)
8142
8143AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
8144proof (rule "→I")
8145  AOT_assume Null(x)
8146  AOT_hence x_abs: A!x and x_null: ¬F x[F]
8147    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
8148  AOT_have ¬x[F] for F using x_null
8149    using "existential:2[const_var]" "reductio-aa:1"
8150    by metis
8151  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
8152  AOT_hence F ¬x[F] by (rule GEN)
8153  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
8154  moreover AOT_have F ¬x[F]  ¬F x[F]
8155    apply (rule RM)
8156    by (metis (full_types) "instantiation" "cqt:2[const_var]"[axiom_inst]
8157                           "→I" "reductio-aa:1" "rule-ui:1")
8158  ultimately AOT_have ¬F x[F]
8159    by (metis "→E")
8160  moreover AOT_have A!x using x_abs
8161    using "oa-facts:2" "vdash-properties:10" by blast
8162  ultimately AOT_have r: (A!x & ¬F x[F])
8163    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8164  AOT_show Null(x)
8165    by (AOT_subst Null(x) A!x & ¬F x[F])
8166       (auto simp: "df-null-uni:1" "≡Df" r)
8167qed  
8168
8169AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
8170proof (rule "→I")
8171  AOT_assume Universal(x)
8172  AOT_hence x_abs: A!x and x_univ: F x[F]
8173    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
8174  AOT_have x[F] for F using x_univ "∀E" by blast
8175  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
8176  AOT_hence F x[F] by (rule GEN)
8177  AOT_hence F x[F] by (rule BF[THEN "→E"])
8178  moreover AOT_have A!x using x_abs
8179    using "oa-facts:2" "vdash-properties:10" by blast
8180  ultimately AOT_have r: (A!x & F x[F])
8181    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8182  AOT_show Universal(x)
8183    by (AOT_subst Universal(x) A!x & F x[F])
8184       (auto simp add: "df-null-uni:2" "≡Df" r)
8185qed
8186
8187AOT_theorem "null-uni-facts:3": Null(a)
8188  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
8189   apply (simp add: "null-uni-uniq:3")
8190  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
8191    "sc-eq-fur:2"[THEN "→E",
8192        OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"],
8193        THEN "≡E"(1)]
8194  by blast
8195
8196AOT_theorem "null-uni-facts:4": Universal(aV)
8197  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
8198   apply (simp add: "null-uni-uniq:4")
8199  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
8200    "sc-eq-fur:2"[THEN "→E",
8201        OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"],
8202        THEN "≡E"(1)]
8203  by blast
8204
8205AOT_theorem "null-uni-facts:5": a  aV
8206proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8207    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8208    rule "≡dfI"[OF "=-infix"];
8209    rule "raa-cor:2")
8210  AOT_obtain x where nullx: Null(x)
8211    by (metis "instantiation" "df-null-uni-terms:1" "existential:1"
8212              "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:b[zero]")
8213  AOT_hence act_null: 𝒜Null(x)
8214    by (metis "nec-imp-act" "null-uni-facts:1" "→E")
8215  AOT_assume ιx Null(x) = ιx Universal(x)
8216  AOT_hence 𝒜x(Null(x)  Universal(x))
8217    using "actual-desc:5"[THEN "→E"] by blast
8218  AOT_hence x 𝒜(Null(x)  Universal(x))
8219    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8220  AOT_hence 𝒜Null(x)  𝒜Universal(x)
8221    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
8222  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
8223  AOT_hence Universal(x)
8224    by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "→E")
8225  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
8226  moreover AOT_have ¬F x[F]
8227    using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
8228  ultimately AOT_show p & ¬p for p
8229    by (metis "cqt-further:1" "raa-cor:3" "→E")
8230qed
8231
8232AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
8233proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8234  AOT_show ιx([A!]x & F (x[F]  F  F))
8235    by (simp add: "A-descriptions")
8236next
8237  AOT_show a
8238    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8239       (simp add: "null-uni-uniq:3")
8240next
8241  AOT_have ιx([A!]x & F (x[F]  F  F))
8242    by (simp add: "A-descriptions")
8243  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
8244    using "rule=I:1" by blast
8245  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
8246    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8247           rule "&I")
8248     apply (meson "≡dfE" "Conjunction Simplification"(1)
8249                  "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8250                  "null-uni-uniq:3" "rule-id-df:2:a[zero]" "→E")
8251    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8252next
8253  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
8254  proof (rule GEN)
8255    fix F
8256    AOT_have ¬a[F]
8257      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8258         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3) "∃I"(2)
8259                "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8260                "raa-cor:2" "rule-id-df:2:a[zero]"
8261                "russell-axiom[enc,1].ψ_denotes_asm")
8262    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
8263    proof(rule "raa-cor:2")
8264      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
8265      AOT_hence 𝒜(F  F)
8266        using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
8267      moreover AOT_have ¬𝒜(F  F)
8268        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2)
8269              "=-infix" "raa-cor:3" by blast
8270      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
8271    qed
8272    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
8273      using "deduction-theorem" "≡I" "raa-cor:4" by blast
8274  qed
8275qed
8276
8277AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
8278proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8279  AOT_show ιx([A!]x & F (x[F]  F = F))
8280    by (simp add: "A-descriptions")
8281next
8282  AOT_show aV
8283    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8284       (simp add: "null-uni-uniq:4")
8285next
8286  AOT_have ιx([A!]x & F (x[F]  F = F))
8287    by (simp add: "A-descriptions")
8288  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
8289    using "rule=I:1" by blast
8290  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
8291    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8292           rule "&I")
8293     apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2"
8294                  "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4"
8295                  "rule-id-df:2:a[zero]" "→E")
8296    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8297next
8298  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
8299  proof (rule GEN)
8300    fix F
8301    AOT_have aV[F]
8302      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8303      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2"
8304            "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]"
8305            "rule-ui:3" by blast
8306    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
8307      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
8308    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
8309      using "deduction-theorem" "≡I" by simp
8310  qed
8311qed
8312
8313AOT_theorem "aclassical:1":
8314Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
8315proof(rule GEN)
8316  fix R
8317  AOT_obtain a where a_prop:
8318    A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
8319    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8320  AOT_have a_enc: az [R]za]
8321  proof (rule "raa-cor:1")
8322    AOT_assume 0: ¬az [R]za]
8323    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8324      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
8325                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8326                THEN "≡E"(1), rotated])
8327         "cqt:2[lambda]"
8328    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8329      using "cqt-further:4" "vdash-properties:10" by blast
8330    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za])
8331      using "∀E" by blast
8332    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
8333      by (metis "&I" "deduction-theorem" "raa-cor:3")
8334    moreover AOT_have z [R]za] = z [R]za]
8335      by (rule "=I") "cqt:2[lambda]"
8336    ultimately AOT_have az [R]za]
8337      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8338    AOT_thus az [R]za] & ¬az [R]za]
8339      using 0 "&I" by blast
8340  qed
8341  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8342    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8343       "cqt:2"
8344  then AOT_obtain b where b_prop:
8345    A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
8346    using "∃E"[rotated] by blast
8347  AOT_have a  b
8348    apply (rule "≡dfI"[OF "=-infix"])
8349    using a_enc b_prop[THEN "&E"(2)]
8350    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8351          "raa-cor:3" "reductio-aa:1" by fast
8352  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
8353    using b_prop "&E" a_prop "&I" by meson
8354  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
8355  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
8356qed
8357
8358AOT_theorem "aclassical:2":
8359  Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
8360proof(rule GEN)
8361  fix R
8362  AOT_obtain a where a_prop:
8363    A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
8364    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8365  AOT_have a_enc: az [R]az]
8366  proof (rule "raa-cor:1")
8367    AOT_assume 0: ¬az [R]az]
8368    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8369      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
8370                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8371                THEN "≡E"(1), rotated])
8372         "cqt:2[lambda]"
8373    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8374      using "cqt-further:4" "vdash-properties:10" by blast
8375    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az])
8376      using "∀E" by blast
8377    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
8378      by (metis "&I" "deduction-theorem" "raa-cor:3")
8379    moreover AOT_have z [R]az] = z [R]az]
8380      by (rule "=I") "cqt:2[lambda]"
8381    ultimately AOT_have az [R]az]
8382      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8383    AOT_thus az [R]az] & ¬az [R]az]
8384      using 0 "&I" by blast
8385  qed
8386  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8387    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8388       "cqt:2"
8389  then AOT_obtain b where b_prop:
8390    A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
8391    using "∃E"[rotated] by blast
8392  AOT_have a  b
8393    apply (rule "≡dfI"[OF "=-infix"])
8394    using a_enc b_prop[THEN "&E"(2)]
8395    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8396          "raa-cor:3" "reductio-aa:1" by fast
8397  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
8398    using b_prop "&E" a_prop "&I" by meson
8399  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
8400  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
8401qed
8402
8403AOT_theorem "aclassical:3":
8404  Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
8405proof(rule GEN)
8406  fix R
8407  AOT_obtain a where a_prop:
8408    A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
8409    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8410  AOT_have z [R]a] by "cqt:2[lambda]"
8411  (* TODO: S should no longer be necessary *)
8412  then AOT_obtain S where S_def: S = z [R]a]
8413    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
8414  AOT_have a_enc: a[S]
8415  proof (rule "raa-cor:1")
8416    AOT_assume 0: ¬a[S]
8417    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
8418      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
8419                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8420                THEN "≡E"(1), rotated]) 
8421    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
8422      using "cqt-further:4" "vdash-properties:10" by blast
8423    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
8424    AOT_hence (A!a & S = z [R]a])  a[S]
8425      by (metis "&I" "deduction-theorem" "raa-cor:3")
8426    moreover AOT_have S = z [R]a] using S_def .
8427    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8428    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
8429  qed
8430  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
8431    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
8432  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
8433    using "∃E"[rotated] by blast
8434  AOT_have 1: a  b
8435    apply (rule "≡dfI"[OF "=-infix"])
8436    using a_enc b_prop[THEN "&E"(2)]
8437    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8438          "raa-cor:3" "reductio-aa:1" by fast
8439  AOT_have a:  [R]a] = ([R]a)
8440    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8441    by (meson "log-prop-prop:2")
8442  AOT_have b:  [R]b] = ([R]b)
8443    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8444    by (meson "log-prop-prop:2")
8445  AOT_have  [R]a] =  [R]b]
8446    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
8447    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
8448    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
8449     apply (rule "rule=E"[rotated, OF S_def])
8450    using b_prop "&E" apply blast
8451    apply (safe intro!: "&I")
8452    by (simp add: "log-prop-prop:2")+
8453  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
8454    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)]
8455          "&I" by auto
8456  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
8457  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
8458qed
8459
8460AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
8461proof -
8462  AOT_have x y ([A!]x & [A!]y & x  y &
8463               z xy F ([F]x  [F]y)]zx] =
8464               z xy F ([F]x  [F]y)]zy])
8465    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
8466       "cqt:2"
8467  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
8468               z xy F ([F]x  [F]y)]zx] =
8469               z xy F ([F]x  [F]y)]zy])
8470    using "∃E"[rotated] by blast
8471  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
8472               z xy F ([F]x  [F]y)]zx] =
8473               z xy F ([F]x  [F]y)]zy])
8474    using "∃E"[rotated] by blast
8475  AOT_have z xy F ([F]x  [F]y)]zx]x
8476    by (auto intro!: "β←C"(1) "cqt:2";
8477        simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3"
8478                  "oth-class-taut:3:a" "universal-cor")
8479  AOT_hence z xy F ([F]x  [F]y)]zy]x
8480    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
8481  AOT_hence xy F ([F]x  [F]y)]xy
8482    by (rule "β→C"(1))
8483  AOT_hence F ([F]x  [F]y)
8484    using "β→C"(1) old.prod.case by fast
8485  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y)
8486    using 0 "&E" "&I" by blast
8487  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
8488  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
8489qed
8490
8491AOT_theorem "kirchner-thm:1":
8492  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8493proof(rule "≡I"; rule "→I")
8494  AOT_assume x φ{x}]
8495  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
8496  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8497  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8498    AOT_modally_strict {
8499      fix x y
8500      AOT_assume 0: x φ{x}]
8501      moreover AOT_assume F([F]x  [F]y)
8502      ultimately AOT_have x φ{x}]x  x φ{x}]y
8503        using "∀E" by blast
8504      AOT_thus (φ{x}  φ{y})
8505        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8506    }
8507  qed
8508  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8509    using "→E" by blast
8510next
8511  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y})) 
8512            y(x(F([F]x  [F]y) & φ{x})  φ{y})
8513  proof(rule "RM:1"; rule "→I"; rule GEN)
8514    AOT_modally_strict {
8515      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8516      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
8517        using "∀E"(2) "→E" that by blast
8518      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
8519      proof (rule "raa-cor:1")
8520        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
8521        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y}) 
8522                   (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8523          using "≡E"(1) "oth-class-taut:4:h" by blast
8524        moreover {
8525          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
8526          AOT_obtain a where F([F]a  [F]y) & φ{a}
8527            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8528          AOT_hence φ{y}
8529            using indisc[THEN "≡E"(1)] "&E" by blast
8530          AOT_hence p & ¬p for p
8531            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8532        }
8533        moreover {
8534          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8535          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
8536            using "&E"(1) "cqt-further:4" "→E" by blast
8537          AOT_hence ¬(F([F]y  [F]y) & φ{y})
8538            using "∀E" by blast
8539          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
8540            using "≡E"(1) "oth-class-taut:5:c" by blast
8541          moreover AOT_have F([F]y  [F]y)
8542            by (simp add: "oth-class-taut:3:a" "universal-cor")
8543          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
8544          AOT_hence p & ¬p for p
8545            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8546        }
8547        ultimately AOT_show p & ¬p for p
8548          using "∨E"(3) "raa-cor:1" by blast
8549      qed
8550    }
8551  qed
8552  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8553  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
8554    using "→E" by blast
8555  AOT_thus x φ{x}]
8556    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8557qed
8558
8559AOT_theorem "kirchner-thm:2":
8560  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8561    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8562proof(rule "≡I"; rule "→I")
8563  AOT_assume x1...xn φ{x1...xn}]
8564  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "→E")
8565  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8566    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8567  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8568    AOT_modally_strict {
8569      fix x1xn y1yn :: 'a AOT_var›
8570      AOT_assume 0: x1...xn φ{x1...xn}]
8571      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8572      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn 
8573                           x1...xn φ{x1...xn}]y1...yn
8574        using "∀E" by blast
8575      AOT_thus (φ{x1...xn}  φ{y1...yn})
8576        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8577    }
8578  qed
8579  ultimately AOT_show x1...∀xny1...∀yn(
8580    F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8581  )
8582    using "→E" by blast
8583next
8584  AOT_have 8585    (x1...∀xny1...∀yn
8586      (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})))
8587     y1...∀yn
8588        ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8589         φ{y1...yn})
8590  proof(rule "RM:1"; rule "→I"; rule GEN)
8591    AOT_modally_strict {
8592      AOT_assume x1...∀xny1...∀yn
8593        (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8594      AOT_hence indisc: φ{x1...xn}  φ{y1...yn}
8595        if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
8596        using "∀E"(2) "→E" that by blast
8597      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8598                φ{y1...yn} for y1yn
8599      proof (rule "raa-cor:1")
8600        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8601                    φ{y1...yn})
8602        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn)
8603                    & φ{x1...xn}))
8604                    & ¬φ{y1...yn}) 
8605                  (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8606                   & φ{y1...yn})
8607          using "≡E"(1) "oth-class-taut:4:h" by blast
8608        moreover {
8609          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8610                         & ¬φ{y1...yn}
8611          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
8612            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8613          AOT_hence φ{y1...yn}
8614            using indisc[THEN "≡E"(1)] "&E" by blast
8615          AOT_hence p & ¬p for p
8616            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8617        }
8618        moreover {
8619          AOT_assume 0: ¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8620                         & φ{y1...yn}
8621          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
8622            using "&E"(1) "cqt-further:4" "→E" by blast
8623          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn})
8624            using "∀E" by blast
8625          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
8626            using "≡E"(1) "oth-class-taut:5:c" by blast
8627          moreover AOT_have F([F]y1...yn  [F]y1...yn)
8628            by (simp add: "oth-class-taut:3:a" "universal-cor")
8629          ultimately AOT_have ¬φ{y1...yn}
8630            by (metis "¬¬I" "∨E"(2))
8631          AOT_hence p & ¬p for p
8632            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8633        }
8634        ultimately AOT_show p & ¬p for p
8635          using "∨E"(3) "raa-cor:1" by blast
8636      qed
8637    }
8638  qed
8639  moreover AOT_assume x1...∀xny1...∀yn
8640    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8641  ultimately AOT_have y1...∀yn
8642    ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8643     φ{y1...yn})
8644    using "→E" by blast
8645  AOT_thus x1...xn φ{x1...xn}]
8646    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8647qed
8648
8649AOT_theorem "kirchner-thm-cor:1":
8650  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8651proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8652  fix x y
8653  AOT_assume x φ{x}]
8654  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8655    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
8656  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8657    using CBF[THEN "→E"] by blast
8658  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8659    using "∀E" by blast
8660  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8661    using CBF[THEN "→E"] by blast
8662  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
8663    using "∀E" by blast
8664  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
8665    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8666  moreover AOT_assume F([F]x  [F]y)
8667  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
8668qed
8669
8670AOT_theorem "kirchner-thm-cor:2":
8671  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8672    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8673proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8674  fix x1xn y1yn
8675  AOT_assume x1...xn φ{x1...xn}]
8676  AOT_hence 0: x1...∀xny1...∀yn
8677    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8678    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
8679  AOT_have x1...∀xny1...∀yn
8680    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8681  proof(rule GEN; rule GEN)
8682    fix x1xn y1yn
8683    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8684      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
8685      using "∀E" by blast
8686  qed
8687  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn) 
8688                         (φ{x1...xn}  φ{y1...yn}))
8689    using "∀E" by blast
8690  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8691    using "∀E" by blast
8692  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8693    using "∀E" by blast
8694  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8695    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8696  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8697  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2"
8698  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn 
8699                       x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8700    using "∀E" by blast
8701  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8702    apply (rule "β←C"(1))
8703      apply "cqt:2[lambda]"
8704     apply (fact "cqt:2[const_var]"[axiom_inst])
8705    by (simp add: RN GEN "oth-class-taut:3:a")
8706  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn
8707    using "≡E"(2) by blast
8708  AOT_hence F ([F]x1...xn  [F]y1...yn)
8709    using "β→C"(1) by blast
8710  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
8711qed
8712
8713subsection‹Propositional Properties›
8714text‹\label{PLM: 9.12}›
8715
8716AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
8717  "prop-prop1": Propositional([F]) df p(F = y p])
8718
8719AOT_theorem "prop-prop2:1": p y p]
8720  by (rule GEN) "cqt:2[lambda]"
8721
8722AOT_theorem "prop-prop2:2": ν φ]
8723  by "cqt:2[lambda]"
8724
8725AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
8726proof (rule "→I")
8727  AOT_assume 0: F = y p]
8728  AOT_show x([F]x  p)
8729    by (rule "rule=E"[rotated, OF 0[symmetric]];
8730        rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
8731      "cqt:2[lambda]"
8732qed
8733
8734AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
8735proof(rule "→I")
8736  AOT_assume Propositional([F])
8737  AOT_hence p(F = y p])
8738    using "≡dfE"[OF "prop-prop1"] by blast
8739  then AOT_obtain p where F = y p]
8740    using "∃E"[rotated] by blast
8741  AOT_hence (F = y p])
8742    using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
8743  AOT_hence p (F = y p])
8744    using "∃I" by fast
8745  AOT_hence 0: p (F = y p])
8746    by (metis Buridan "vdash-properties:10")
8747  AOT_thus Propositional([F])
8748    using "prop-prop1"[THEN "≡Df"]
8749    by (AOT_subst Propositional([F]) p (F = y p])) auto
8750qed
8751
8752AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
8753  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
8754
8755AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
8756proof(rule "→I")
8757  AOT_assume Propositional([Π])
8758  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
8759  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
8760  AOT_show Indiscriminate([Π])
8761  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8762    AOT_show Π
8763      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
8764  next
8765    AOT_show (x [Π]x  x [Π]x)
8766    proof (rule "rule=E"[rotated, OF Π_def[symmetric]];
8767           rule RN; rule "→I"; rule GEN)
8768      AOT_modally_strict {
8769        AOT_assume x y p]x
8770        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
8771        AOT_hence 0: p by (metis "β→C"(1))
8772        AOT_show y p]x for x
8773          apply (rule "β←C"(1))
8774            apply "cqt:2[lambda]"
8775           apply (fact "cqt:2[const_var]"[axiom_inst])
8776          by (fact 0)
8777      }
8778    qed
8779  qed
8780qed
8781
8782AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
8783proof (rule "→I")
8784  AOT_assume Necessary([F])
8785  AOT_hence 0: x1...∀xn [F]x1...xn
8786    using "≡dfE"[OF "contingent-properties:1"] by blast
8787  AOT_show Indiscriminate([F])
8788    by (rule "≡dfI"[OF "prop-indis"])
8789       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "→E") 
8790qed
8791
8792AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
8793proof (rule "→I")
8794  AOT_modally_strict {
8795    AOT_have x ¬[F]x  (x [F]x  x [F]x)
8796      by (metis "∃E" "cqt-orig:3" "Hypothetical Syllogism" "→I" "raa-cor:3")
8797  }
8798  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
8799    by (rule "RM:1")
8800  AOT_assume Impossible([F])
8801  AOT_hence x ¬[F]x
8802    using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
8803  AOT_hence 1: (x [F]x  x [F]x)
8804    using 0 "→E" by blast
8805  AOT_show Indiscriminate([F])
8806    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8807       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
8808qed
8809
8810AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
8811proof(rule "raa-cor:2")
8812  AOT_assume Indiscriminate([E!])
8813  AOT_hence 0: (x [E!]x  x [E!]x)
8814    using "≡dfE"[OF "prop-indis"] "&E" by blast
8815  AOT_hence x [E!]x  x [E!]x
8816    using "KBasic:13" "vdash-properties:10" by blast
8817  moreover AOT_have x [E!]x
8818    by (simp add: "thm-cont-e:3")
8819  ultimately AOT_have x [E!]x
8820    by (metis "vdash-properties:6")
8821  AOT_thus p & ¬p for p
8822    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
8823qed
8824
8825AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
8826proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]];
8827       rule "raa-cor:2")
8828  AOT_assume Indiscriminate(x ¬[E!]x])
8829  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
8830    using "≡dfE"[OF "prop-indis"] "&E" by blast
8831  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
8832    using "→E" "qml:1" "vdash-properties:1[2]" by blast
8833  moreover AOT_have x x ¬[E!]x]x
8834    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
8835    apply (rule "beta-C-meta"[THEN "→E"])
8836     apply "cqt:2"
8837    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2"
8838                           "o-objects-exist:5" "→E")
8839  ultimately AOT_have 1: x x ¬[E!]x]x
8840    by (metis "vdash-properties:6")
8841  AOT_hence x ¬[E!]x
8842    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
8843       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
8844  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
8845  moreover AOT_obtain a where abs_a: O!a
8846    using "∃E" "o-objects-exist:1" "qml:2"[axiom_inst] "→E" by blast
8847  ultimately AOT_have ¬[E!]a using "∀E" by blast
8848  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
8849  AOT_have A!a
8850    apply (rule "=dfI"(2)[OF AOT_abstract])
8851     apply "cqt:2[lambda]"
8852    apply (rule "β←C"(1))
8853      apply "cqt:2[lambda]"
8854    using "cqt:2[const_var]"[axiom_inst] apply blast
8855    by (fact 2)
8856  AOT_thus p & ¬p for p using abs_a
8857    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
8858qed
8859
8860AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
8861proof(rule "raa-cor:2")
8862  AOT_assume Indiscriminate(O!)
8863  AOT_hence 0: (x O!x  x O!x)
8864    using "≡dfE"[OF "prop-indis"] "&E" by blast
8865  AOT_hence x O!x  x O!x
8866    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8867  moreover AOT_have x O!x
8868    using "o-objects-exist:1" by blast
8869  ultimately AOT_have x O!x
8870    by (metis "vdash-properties:6")
8871  AOT_thus p & ¬p for p
8872    by (metis "o-objects-exist:3" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8873qed
8874
8875AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
8876proof(rule "raa-cor:2")
8877  AOT_assume Indiscriminate(A!)
8878  AOT_hence 0: (x A!x  x A!x)
8879    using "≡dfE"[OF "prop-indis"] "&E" by blast
8880  AOT_hence x A!x  x A!x
8881    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8882  moreover AOT_have x A!x
8883    using "o-objects-exist:2" by blast
8884  ultimately AOT_have x A!x
8885    by (metis "vdash-properties:6")
8886  AOT_thus p & ¬p for p
8887    by (metis "o-objects-exist:4" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8888qed
8889
8890AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
8891  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
8892
8893AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
8894  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
8895
8896AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
8897  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
8898
8899AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
8900  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
8901
8902AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
8903proof(rule "→I")
8904  AOT_assume p (F = y p])
8905  AOT_hence p (F = y p])
8906    by (metis "BF◇" "→E")
8907  then AOT_obtain p where (F = y p])
8908    using "∃E"[rotated] by blast
8909  AOT_hence F = y p]
8910    by (metis "derived-S5-rules:2" emptyE "id-nec:2" "→E")
8911  AOT_thus p(F = y p]) by (rule "∃I")
8912qed
8913
8914AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
8915proof(rule "→I")
8916  AOT_assume p (F  y p])
8917  AOT_hence (F  y p]) for p
8918    using "∀E" by blast
8919  AOT_hence (F  y p]) for p
8920    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2"
8921  AOT_hence p (F  y p]) by (rule GEN)
8922  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
8923qed
8924
8925AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
8926proof(rule "→I")
8927  AOT_assume p (F = y p])
8928  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
8929  AOT_hence (F = y p]) by (metis "id-nec:2" "→E")
8930  AOT_hence p(F = y p]) by (rule "∃I")
8931  AOT_thus p(F = y p]) by (metis Buridan "→E")
8932qed
8933
8934AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
8935proof(rule "→I")
8936  AOT_assume p (F  y p])
8937  AOT_hence p (F  y p]) by (metis "Buridan◇" "→E")
8938  AOT_hence (F  y p]) for p
8939    using "∀E" by blast
8940  AOT_hence F  y p] for p
8941    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2"
8942  AOT_thus p (F  y p]) by (rule GEN)
8943qed
8944
8945AOT_theorem "enc-prop-nec:1":
8946  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
8947proof(rule "→I"; rule GEN; rule "→I")
8948  fix F
8949  AOT_assume F (x[F]  p(F = y p]))
8950  AOT_hence F (x[F]  p(F = y p]))
8951    using "Buridan◇" "vdash-properties:10" by blast
8952  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
8953  AOT_assume x[F]
8954  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
8955  AOT_hence p(F = y p])
8956    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
8957  AOT_thus p(F = y p])
8958    using "prop-prop-nec:1"[THEN "→E"] by blast
8959qed
8960
8961AOT_theorem "enc-prop-nec:2":
8962  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
8963  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
8964  by blast
8965
8966(*<*)
8967end
8968(*>*)